Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-5535
Vulnerability from cvelistv5
Published
2024-06-27 10:30
Modified
2025-02-13 17:54
Severity ?
EPSS score ?
Summary
Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an
empty supported client protocols buffer may cause a crash or memory contents to
be sent to the peer.
Impact summary: A buffer overread can have a range of potential consequences
such as unexpected application beahviour or a crash. In particular this issue
could result in up to 255 bytes of arbitrary private data from memory being sent
to the peer leading to a loss of confidentiality. However, only applications
that directly call the SSL_select_next_proto function with a 0 length list of
supported client protocols are affected by this issue. This would normally never
be a valid scenario and is typically not under attacker control but may occur by
accident in the case of a configuration or programming error in the calling
application.
The OpenSSL API function SSL_select_next_proto is typically used by TLS
applications that support ALPN (Application Layer Protocol Negotiation) or NPN
(Next Protocol Negotiation). NPN is older, was never standardised and
is deprecated in favour of ALPN. We believe that ALPN is significantly more
widely deployed than NPN. The SSL_select_next_proto function accepts a list of
protocols from the server and a list of protocols from the client and returns
the first protocol that appears in the server list that also appears in the
client list. In the case of no overlap between the two lists it returns the
first item in the client list. In either case it will signal whether an overlap
between the two lists was found. In the case where SSL_select_next_proto is
called with a zero length client list it fails to notice this condition and
returns the memory immediately following the client list pointer (and reports
that there was no overlap in the lists).
This function is typically called from a server side application callback for
ALPN or a client side application callback for NPN. In the case of ALPN the list
of protocols supplied by the client is guaranteed by libssl to never be zero in
length. The list of server protocols comes from the application and should never
normally be expected to be of zero length. In this case if the
SSL_select_next_proto function has been called as expected (with the list
supplied by the client passed in the client/client_len parameters), then the
application will not be vulnerable to this issue. If the application has
accidentally been configured with a zero length server list, and has
accidentally passed that zero length server list in the client/client_len
parameters, and has additionally failed to correctly handle a "no overlap"
response (which would normally result in a handshake failure in ALPN) then it
will be vulnerable to this problem.
In the case of NPN, the protocol permits the client to opportunistically select
a protocol when there is no overlap. OpenSSL returns the first client protocol
in the no overlap case in support of this. The list of client protocols comes
from the application and should never normally be expected to be of zero length.
However if the SSL_select_next_proto function is accidentally called with a
client_len of 0 then an invalid memory pointer will be returned instead. If the
application uses this output as the opportunistic protocol then the loss of
confidentiality will occur.
This issue has been assessed as Low severity because applications are most
likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not
widely used. It also requires an application configuration or programming error.
Finally, this issue would not typically be under attacker control making active
exploitation unlikely.
The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
Due to the low severity of this issue we are not issuing new releases of
OpenSSL at this time. The fix will be included in the next releases when they
become available.
References
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "openssl", "vendor": "openssl", "versions": [ { "lessThan": "3.3.2", "status": "affected", "version": "3.3.0", "versionType": "custom" }, { "lessThan": "3.2.3", "status": "affected", "version": "3.2.0", "versionType": "custom" }, { "lessThan": "3.1.7", "status": "affected", "version": "3.1.0", "versionType": "custom" }, { "lessThan": "3.0.15", "status": "affected", "version": "3.0.0", "versionType": "custom" }, { "lessThan": "1.1.1za", "status": "affected", "version": "1.1.1", "versionType": "custom" }, { "lessThan": "1.0.2zk", "status": "affected", "version": "1.0.2", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-5535", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-14T04:55:17.007Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-15T12:04:53.153Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20240627.txt" }, { "name": "3.3.2 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c" }, { "name": "3.2.3 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e" }, { "name": "3.1.7 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37" }, { "name": "3.0.15 git commit", "tags": [ "patch", "x_transferred" ], "url": "https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c" }, { "name": "1.1.1za git commit", "tags": [ "patch", "x_transferred" ], "url": "https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87" }, { "name": "1.0.2zk git commit", "tags": [ "patch", "x_transferred" ], "url": "https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/06/27/1" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/06/28/4" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240712-0005/" }, { "url": "http://www.openwall.com/lists/oss-security/2024/08/15/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "lessThan": "3.3.2", "status": "affected", "version": "3.3.0", "versionType": "semver" }, { "lessThan": "3.2.3", "status": "affected", "version": "3.2.0", "versionType": "semver" }, { "lessThan": "3.1.7", "status": "affected", "version": "3.1.0", "versionType": "semver" }, { "lessThan": "3.0.15", "status": "affected", "version": "3.0.0", "versionType": "semver" }, { "lessThan": "1.1.1za", "status": "affected", "version": "1.1.1", "versionType": "custom" }, { "lessThan": "1.0.2zk", "status": "affected", "version": "1.0.2", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Joseph Birr-Pixton" }, { "lang": "en", "type": "analyst", "value": "David Benjamin (Google)" }, { "lang": "en", "type": "remediation developer", "value": "Matt Caswell" } ], "datePublic": "2024-06-26T23:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\u003cbr\u003eempty supported client protocols buffer may cause a crash or memory contents to\u003cbr\u003ebe sent to the peer.\u003cbr\u003e\u003cbr\u003eImpact summary: A buffer overread can have a range of potential consequences\u003cbr\u003esuch as unexpected application beahviour or a crash. In particular this issue\u003cbr\u003ecould result in up to 255 bytes of arbitrary private data from memory being sent\u003cbr\u003eto the peer leading to a loss of confidentiality. However, only applications\u003cbr\u003ethat directly call the SSL_select_next_proto function with a 0 length list of\u003cbr\u003esupported client protocols are affected by this issue. This would normally never\u003cbr\u003ebe a valid scenario and is typically not under attacker control but may occur by\u003cbr\u003eaccident in the case of a configuration or programming error in the calling\u003cbr\u003eapplication.\u003cbr\u003e\u003cbr\u003eThe OpenSSL API function SSL_select_next_proto is typically used by TLS\u003cbr\u003eapplications that support ALPN (Application Layer Protocol Negotiation) or NPN\u003cbr\u003e(Next Protocol Negotiation). NPN is older, was never standardised and\u003cbr\u003eis deprecated in favour of ALPN. We believe that ALPN is significantly more\u003cbr\u003ewidely deployed than NPN. The SSL_select_next_proto function accepts a list of\u003cbr\u003eprotocols from the server and a list of protocols from the client and returns\u003cbr\u003ethe first protocol that appears in the server list that also appears in the\u003cbr\u003eclient list. In the case of no overlap between the two lists it returns the\u003cbr\u003efirst item in the client list. In either case it will signal whether an overlap\u003cbr\u003ebetween the two lists was found. In the case where SSL_select_next_proto is\u003cbr\u003ecalled with a zero length client list it fails to notice this condition and\u003cbr\u003ereturns the memory immediately following the client list pointer (and reports\u003cbr\u003ethat there was no overlap in the lists).\u003cbr\u003e\u003cbr\u003eThis function is typically called from a server side application callback for\u003cbr\u003eALPN or a client side application callback for NPN. In the case of ALPN the list\u003cbr\u003eof protocols supplied by the client is guaranteed by libssl to never be zero in\u003cbr\u003elength. The list of server protocols comes from the application and should never\u003cbr\u003enormally be expected to be of zero length. In this case if the\u003cbr\u003eSSL_select_next_proto function has been called as expected (with the list\u003cbr\u003esupplied by the client passed in the client/client_len parameters), then the\u003cbr\u003eapplication will not be vulnerable to this issue. If the application has\u003cbr\u003eaccidentally been configured with a zero length server list, and has\u003cbr\u003eaccidentally passed that zero length server list in the client/client_len\u003cbr\u003eparameters, and has additionally failed to correctly handle a \"no overlap\"\u003cbr\u003eresponse (which would normally result in a handshake failure in ALPN) then it\u003cbr\u003ewill be vulnerable to this problem.\u003cbr\u003e\u003cbr\u003eIn the case of NPN, the protocol permits the client to opportunistically select\u003cbr\u003ea protocol when there is no overlap. OpenSSL returns the first client protocol\u003cbr\u003ein the no overlap case in support of this. The list of client protocols comes\u003cbr\u003efrom the application and should never normally be expected to be of zero length.\u003cbr\u003eHowever if the SSL_select_next_proto function is accidentally called with a\u003cbr\u003eclient_len of 0 then an invalid memory pointer will be returned instead. If the\u003cbr\u003eapplication uses this output as the opportunistic protocol then the loss of\u003cbr\u003econfidentiality will occur.\u003cbr\u003e\u003cbr\u003eThis issue has been assessed as Low severity because applications are most\u003cbr\u003elikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\u003cbr\u003ewidely used. It also requires an application configuration or programming error.\u003cbr\u003eFinally, this issue would not typically be under attacker control making active\u003cbr\u003eexploitation unlikely.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\u003cbr\u003e\u003cbr\u003e\n\nDue to the low severity of this issue we are not issuing new releases of\u003cbr\u003eOpenSSL at this time. The fix will be included in the next releases when they\u003cbr\u003ebecome available." } ], "value": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\nempty supported client protocols buffer may cause a crash or memory contents to\nbe sent to the peer.\n\nImpact summary: A buffer overread can have a range of potential consequences\nsuch as unexpected application beahviour or a crash. In particular this issue\ncould result in up to 255 bytes of arbitrary private data from memory being sent\nto the peer leading to a loss of confidentiality. However, only applications\nthat directly call the SSL_select_next_proto function with a 0 length list of\nsupported client protocols are affected by this issue. This would normally never\nbe a valid scenario and is typically not under attacker control but may occur by\naccident in the case of a configuration or programming error in the calling\napplication.\n\nThe OpenSSL API function SSL_select_next_proto is typically used by TLS\napplications that support ALPN (Application Layer Protocol Negotiation) or NPN\n(Next Protocol Negotiation). NPN is older, was never standardised and\nis deprecated in favour of ALPN. We believe that ALPN is significantly more\nwidely deployed than NPN. The SSL_select_next_proto function accepts a list of\nprotocols from the server and a list of protocols from the client and returns\nthe first protocol that appears in the server list that also appears in the\nclient list. In the case of no overlap between the two lists it returns the\nfirst item in the client list. In either case it will signal whether an overlap\nbetween the two lists was found. In the case where SSL_select_next_proto is\ncalled with a zero length client list it fails to notice this condition and\nreturns the memory immediately following the client list pointer (and reports\nthat there was no overlap in the lists).\n\nThis function is typically called from a server side application callback for\nALPN or a client side application callback for NPN. In the case of ALPN the list\nof protocols supplied by the client is guaranteed by libssl to never be zero in\nlength. The list of server protocols comes from the application and should never\nnormally be expected to be of zero length. In this case if the\nSSL_select_next_proto function has been called as expected (with the list\nsupplied by the client passed in the client/client_len parameters), then the\napplication will not be vulnerable to this issue. If the application has\naccidentally been configured with a zero length server list, and has\naccidentally passed that zero length server list in the client/client_len\nparameters, and has additionally failed to correctly handle a \"no overlap\"\nresponse (which would normally result in a handshake failure in ALPN) then it\nwill be vulnerable to this problem.\n\nIn the case of NPN, the protocol permits the client to opportunistically select\na protocol when there is no overlap. OpenSSL returns the first client protocol\nin the no overlap case in support of this. The list of client protocols comes\nfrom the application and should never normally be expected to be of zero length.\nHowever if the SSL_select_next_proto function is accidentally called with a\nclient_len of 0 then an invalid memory pointer will be returned instead. If the\napplication uses this output as the opportunistic protocol then the loss of\nconfidentiality will occur.\n\nThis issue has been assessed as Low severity because applications are most\nlikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\nwidely used. It also requires an application configuration or programming error.\nFinally, this issue would not typically be under attacker control making active\nexploitation unlikely.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\n\nDue to the low severity of this issue we are not issuing new releases of\nOpenSSL at this time. The fix will be included in the next releases when they\nbecome available." } ], "metrics": [ { "format": "other", "other": { "content": { "text": "Low" }, "type": "https://www.openssl.org/policies/secpolicy.html" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-12T14:06:04.752Z", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "name": "OpenSSL Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.openssl.org/news/secadv/20240627.txt" }, { "name": "3.3.2 git commit", "tags": [ "patch" ], "url": "https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c" }, { "name": "3.2.3 git commit", "tags": [ "patch" ], "url": "https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e" }, { "name": "3.1.7 git commit", "tags": [ "patch" ], "url": "https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37" }, { "name": "3.0.15 git commit", "tags": [ "patch" ], "url": "https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c" }, { "name": "1.1.1za git commit", "tags": [ "patch" ], "url": "https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87" }, { "name": "1.0.2zk git commit", "tags": [ "patch" ], "url": "https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c" }, { "url": "http://www.openwall.com/lists/oss-security/2024/06/27/1" }, { "url": "http://www.openwall.com/lists/oss-security/2024/06/28/4" }, { "url": "https://security.netapp.com/advisory/ntap-20240712-0005/" } ], "source": { "discovery": "UNKNOWN" }, "title": "SSL_select_next_proto buffer overread", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2024-5535", "datePublished": "2024-06-27T10:30:53.118Z", "dateReserved": "2024-05-30T15:34:36.813Z", "dateUpdated": "2025-02-13T17:54:20.802Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-5535\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2024-06-27T11:15:24.447\",\"lastModified\":\"2024-11-21T09:47:53.090\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\\nempty supported client protocols buffer may cause a crash or memory contents to\\nbe sent to the peer.\\n\\nImpact summary: A buffer overread can have a range of potential consequences\\nsuch as unexpected application beahviour or a crash. In particular this issue\\ncould result in up to 255 bytes of arbitrary private data from memory being sent\\nto the peer leading to a loss of confidentiality. However, only applications\\nthat directly call the SSL_select_next_proto function with a 0 length list of\\nsupported client protocols are affected by this issue. This would normally never\\nbe a valid scenario and is typically not under attacker control but may occur by\\naccident in the case of a configuration or programming error in the calling\\napplication.\\n\\nThe OpenSSL API function SSL_select_next_proto is typically used by TLS\\napplications that support ALPN (Application Layer Protocol Negotiation) or NPN\\n(Next Protocol Negotiation). NPN is older, was never standardised and\\nis deprecated in favour of ALPN. We believe that ALPN is significantly more\\nwidely deployed than NPN. The SSL_select_next_proto function accepts a list of\\nprotocols from the server and a list of protocols from the client and returns\\nthe first protocol that appears in the server list that also appears in the\\nclient list. In the case of no overlap between the two lists it returns the\\nfirst item in the client list. In either case it will signal whether an overlap\\nbetween the two lists was found. In the case where SSL_select_next_proto is\\ncalled with a zero length client list it fails to notice this condition and\\nreturns the memory immediately following the client list pointer (and reports\\nthat there was no overlap in the lists).\\n\\nThis function is typically called from a server side application callback for\\nALPN or a client side application callback for NPN. In the case of ALPN the list\\nof protocols supplied by the client is guaranteed by libssl to never be zero in\\nlength. The list of server protocols comes from the application and should never\\nnormally be expected to be of zero length. In this case if the\\nSSL_select_next_proto function has been called as expected (with the list\\nsupplied by the client passed in the client/client_len parameters), then the\\napplication will not be vulnerable to this issue. If the application has\\naccidentally been configured with a zero length server list, and has\\naccidentally passed that zero length server list in the client/client_len\\nparameters, and has additionally failed to correctly handle a \\\"no overlap\\\"\\nresponse (which would normally result in a handshake failure in ALPN) then it\\nwill be vulnerable to this problem.\\n\\nIn the case of NPN, the protocol permits the client to opportunistically select\\na protocol when there is no overlap. OpenSSL returns the first client protocol\\nin the no overlap case in support of this. The list of client protocols comes\\nfrom the application and should never normally be expected to be of zero length.\\nHowever if the SSL_select_next_proto function is accidentally called with a\\nclient_len of 0 then an invalid memory pointer will be returned instead. If the\\napplication uses this output as the opportunistic protocol then the loss of\\nconfidentiality will occur.\\n\\nThis issue has been assessed as Low severity because applications are most\\nlikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\\nwidely used. It also requires an application configuration or programming error.\\nFinally, this issue would not typically be under attacker control making active\\nexploitation unlikely.\\n\\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\\n\\nDue to the low severity of this issue we are not issuing new releases of\\nOpenSSL at this time. The fix will be included in the next releases when they\\nbecome available.\"},{\"lang\":\"es\",\"value\":\"Resumen del problema: llamar a la funci\u00f3n API de OpenSSL SSL_select_next_proto con un b\u00fafer de protocolos de cliente compatible vac\u00edo puede provocar una falla o que se env\u00ede contenido de la memoria al igual. Resumen de impacto: una lectura excesiva del b\u00fafer puede tener una variedad de consecuencias potenciales, como un comportamiento inesperado de la aplicaci\u00f3n o un bloqueo. En particular, este problema podr\u00eda provocar que se env\u00eden hasta 255 bytes de datos privados arbitrarios de la memoria al par, lo que provocar\u00eda una p\u00e9rdida de confidencialidad. Sin embargo, este problema solo afecta a las aplicaciones que llaman directamente a la funci\u00f3n SSL_select_next_proto con una lista de longitud 0 de protocolos de cliente compatibles. Normalmente, esto nunca ser\u00eda un escenario v\u00e1lido y normalmente no est\u00e1 bajo el control de un atacante, pero puede ocurrir por accidente en el caso de un error de configuraci\u00f3n o programaci\u00f3n en la aplicaci\u00f3n que realiza la llamada. La funci\u00f3n API de OpenSSL SSL_select_next_proto suele ser utilizada por aplicaciones TLS que admiten ALPN (negociaci\u00f3n de protocolo de capa de aplicaci\u00f3n) o NPN (negociaci\u00f3n de siguiente protocolo). NPN es m\u00e1s antiguo, nunca se estandariz\u00f3 y est\u00e1 en desuso en favor de ALPN. Creemos que ALPN est\u00e1 mucho m\u00e1s implementado que NPN. La funci\u00f3n SSL_select_next_proto acepta una lista de protocolos del servidor y una lista de protocolos del cliente y devuelve el primer protocolo que aparece en la lista de servidores que tambi\u00e9n aparece en la lista de clientes. En caso de que no haya superposici\u00f3n entre las dos listas, devuelve el primer elemento de la lista de clientes. En cualquier caso, indicar\u00e1 si se encontr\u00f3 una superposici\u00f3n entre las dos listas. En el caso de que se llame a SSL_select_next_proto con una lista de clientes de longitud cero, no detecta esta condici\u00f3n y devuelve la memoria inmediatamente despu\u00e9s del puntero de la lista de clientes (e informa que no hubo superposici\u00f3n en las listas). Esta funci\u00f3n normalmente se llama desde una devoluci\u00f3n de llamada de la aplicaci\u00f3n del lado del servidor para ALPN o una devoluci\u00f3n de llamada de la aplicaci\u00f3n del lado del cliente para NPN. En el caso de ALPN, libssl garantiza que la lista de protocolos proporcionados por el cliente nunca tendr\u00e1 una longitud cero. La lista de protocolos del servidor proviene de la aplicaci\u00f3n y normalmente nunca se debe esperar que tenga una longitud cero. En este caso, si la funci\u00f3n SSL_select_next_proto se llam\u00f3 como se esperaba (con la lista proporcionada por el cliente pasada en los par\u00e1metros client/client_len), entonces la aplicaci\u00f3n no ser\u00e1 vulnerable a este problema. Si la aplicaci\u00f3n se configur\u00f3 accidentalmente con una lista de servidores de longitud cero y accidentalmente pas\u00f3 esa lista de servidores de longitud cero en los par\u00e1metros client/client_len y adem\u00e1s no pudo manejar correctamente una respuesta \\\"sin superposici\u00f3n\\\" (que normalmente dar\u00eda como resultado una falla en el protocolo de enlace en ALPN) entonces ser\u00e1 vulnerable a este problema. En el caso de NPN, el protocolo permite al cliente seleccionar de manera oportunista un protocolo cuando no hay superposici\u00f3n. OpenSSL devuelve el primer protocolo de cliente en el caso de que no haya superposici\u00f3n para respaldar esto. La lista de protocolos de cliente proviene de la aplicaci\u00f3n y normalmente nunca se debe esperar que tenga una longitud cero. Sin embargo, si la funci\u00f3n SSL_select_next_proto se llama accidentalmente con un client_len de 0, se devolver\u00e1 un puntero de memoria no v\u00e1lido. Si la aplicaci\u00f3n utiliza esta salida como protocolo oportunista, se producir\u00e1 la p\u00e9rdida de confidencialidad. Este problema se ha evaluado como de gravedad baja porque es m\u00e1s probable que las aplicaciones sean vulnerables si utilizan NPN en lugar de ALPN, pero NPN no se utiliza ampliamente. Tambi\u00e9n requiere una configuraci\u00f3n de la aplicaci\u00f3n o un error de programaci\u00f3n.-- truncada---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/06/27/1\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/06/28/4\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240712-0005/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.openssl.org/news/secadv/20240627.txt\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/06/27/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/06/28/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/08/15/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240712-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssl.org/news/secadv/20240627.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", "vulnrichment": { "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20240627.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c\", \"name\": \"3.3.2 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e\", \"name\": \"3.2.3 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37\", \"name\": \"3.1.7 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c\", \"name\": \"3.0.15 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87\", \"name\": \"1.1.1za git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c\", \"name\": \"1.0.2zk git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/06/27/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/06/28/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240712-0005/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/08/15/1\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-15T12:04:53.153Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-5535\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-27T13:50:16.969601Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\"], \"vendor\": \"openssl\", \"product\": \"openssl\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.15\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.1.1\", \"lessThan\": \"1.1.1za\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0.2\", \"lessThan\": \"1.0.2zk\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-27T13:47:41.434Z\"}}], \"cna\": {\"title\": \"SSL_select_next_proto buffer overread\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Joseph Birr-Pixton\"}, {\"lang\": \"en\", \"type\": \"analyst\", \"value\": \"David Benjamin (Google)\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Matt Caswell\"}], \"metrics\": [{\"other\": {\"type\": \"https://www.openssl.org/policies/secpolicy.html\", \"content\": {\"text\": \"Low\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.3\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.15\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.1.1\", \"lessThan\": \"1.1.1za\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0.2\", \"lessThan\": \"1.0.2zk\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-06-26T23:00:00.000Z\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20240627.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/e86ac436f0bd54d4517745483e2315650fae7b2c\", \"name\": \"3.3.2 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/99fb785a5f85315b95288921a321a935ea29a51e\", \"name\": \"3.2.3 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/4ada436a1946cbb24db5ab4ca082b69c1bc10f37\", \"name\": \"3.1.7 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/cf6f91f6121f4db167405db2f0de410a456f260c\", \"name\": \"3.0.15 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87\", \"name\": \"1.1.1za git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.openssl.org/openssl/extended-releases/commit/9947251413065a05189a63c9b7a6c1d4e224c21c\", \"name\": \"1.0.2zk git commit\", \"tags\": [\"patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/06/27/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/06/28/4\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240712-0005/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\\nempty supported client protocols buffer may cause a crash or memory contents to\\nbe sent to the peer.\\n\\nImpact summary: A buffer overread can have a range of potential consequences\\nsuch as unexpected application beahviour or a crash. In particular this issue\\ncould result in up to 255 bytes of arbitrary private data from memory being sent\\nto the peer leading to a loss of confidentiality. However, only applications\\nthat directly call the SSL_select_next_proto function with a 0 length list of\\nsupported client protocols are affected by this issue. This would normally never\\nbe a valid scenario and is typically not under attacker control but may occur by\\naccident in the case of a configuration or programming error in the calling\\napplication.\\n\\nThe OpenSSL API function SSL_select_next_proto is typically used by TLS\\napplications that support ALPN (Application Layer Protocol Negotiation) or NPN\\n(Next Protocol Negotiation). NPN is older, was never standardised and\\nis deprecated in favour of ALPN. We believe that ALPN is significantly more\\nwidely deployed than NPN. The SSL_select_next_proto function accepts a list of\\nprotocols from the server and a list of protocols from the client and returns\\nthe first protocol that appears in the server list that also appears in the\\nclient list. In the case of no overlap between the two lists it returns the\\nfirst item in the client list. In either case it will signal whether an overlap\\nbetween the two lists was found. In the case where SSL_select_next_proto is\\ncalled with a zero length client list it fails to notice this condition and\\nreturns the memory immediately following the client list pointer (and reports\\nthat there was no overlap in the lists).\\n\\nThis function is typically called from a server side application callback for\\nALPN or a client side application callback for NPN. In the case of ALPN the list\\nof protocols supplied by the client is guaranteed by libssl to never be zero in\\nlength. The list of server protocols comes from the application and should never\\nnormally be expected to be of zero length. In this case if the\\nSSL_select_next_proto function has been called as expected (with the list\\nsupplied by the client passed in the client/client_len parameters), then the\\napplication will not be vulnerable to this issue. If the application has\\naccidentally been configured with a zero length server list, and has\\naccidentally passed that zero length server list in the client/client_len\\nparameters, and has additionally failed to correctly handle a \\\"no overlap\\\"\\nresponse (which would normally result in a handshake failure in ALPN) then it\\nwill be vulnerable to this problem.\\n\\nIn the case of NPN, the protocol permits the client to opportunistically select\\na protocol when there is no overlap. OpenSSL returns the first client protocol\\nin the no overlap case in support of this. The list of client protocols comes\\nfrom the application and should never normally be expected to be of zero length.\\nHowever if the SSL_select_next_proto function is accidentally called with a\\nclient_len of 0 then an invalid memory pointer will be returned instead. If the\\napplication uses this output as the opportunistic protocol then the loss of\\nconfidentiality will occur.\\n\\nThis issue has been assessed as Low severity because applications are most\\nlikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\\nwidely used. It also requires an application configuration or programming error.\\nFinally, this issue would not typically be under attacker control making active\\nexploitation unlikely.\\n\\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\\n\\nDue to the low severity of this issue we are not issuing new releases of\\nOpenSSL at this time. The fix will be included in the next releases when they\\nbecome available.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\u003cbr\u003eempty supported client protocols buffer may cause a crash or memory contents to\u003cbr\u003ebe sent to the peer.\u003cbr\u003e\u003cbr\u003eImpact summary: A buffer overread can have a range of potential consequences\u003cbr\u003esuch as unexpected application beahviour or a crash. In particular this issue\u003cbr\u003ecould result in up to 255 bytes of arbitrary private data from memory being sent\u003cbr\u003eto the peer leading to a loss of confidentiality. However, only applications\u003cbr\u003ethat directly call the SSL_select_next_proto function with a 0 length list of\u003cbr\u003esupported client protocols are affected by this issue. This would normally never\u003cbr\u003ebe a valid scenario and is typically not under attacker control but may occur by\u003cbr\u003eaccident in the case of a configuration or programming error in the calling\u003cbr\u003eapplication.\u003cbr\u003e\u003cbr\u003eThe OpenSSL API function SSL_select_next_proto is typically used by TLS\u003cbr\u003eapplications that support ALPN (Application Layer Protocol Negotiation) or NPN\u003cbr\u003e(Next Protocol Negotiation). NPN is older, was never standardised and\u003cbr\u003eis deprecated in favour of ALPN. We believe that ALPN is significantly more\u003cbr\u003ewidely deployed than NPN. The SSL_select_next_proto function accepts a list of\u003cbr\u003eprotocols from the server and a list of protocols from the client and returns\u003cbr\u003ethe first protocol that appears in the server list that also appears in the\u003cbr\u003eclient list. In the case of no overlap between the two lists it returns the\u003cbr\u003efirst item in the client list. In either case it will signal whether an overlap\u003cbr\u003ebetween the two lists was found. In the case where SSL_select_next_proto is\u003cbr\u003ecalled with a zero length client list it fails to notice this condition and\u003cbr\u003ereturns the memory immediately following the client list pointer (and reports\u003cbr\u003ethat there was no overlap in the lists).\u003cbr\u003e\u003cbr\u003eThis function is typically called from a server side application callback for\u003cbr\u003eALPN or a client side application callback for NPN. In the case of ALPN the list\u003cbr\u003eof protocols supplied by the client is guaranteed by libssl to never be zero in\u003cbr\u003elength. The list of server protocols comes from the application and should never\u003cbr\u003enormally be expected to be of zero length. In this case if the\u003cbr\u003eSSL_select_next_proto function has been called as expected (with the list\u003cbr\u003esupplied by the client passed in the client/client_len parameters), then the\u003cbr\u003eapplication will not be vulnerable to this issue. If the application has\u003cbr\u003eaccidentally been configured with a zero length server list, and has\u003cbr\u003eaccidentally passed that zero length server list in the client/client_len\u003cbr\u003eparameters, and has additionally failed to correctly handle a \\\"no overlap\\\"\u003cbr\u003eresponse (which would normally result in a handshake failure in ALPN) then it\u003cbr\u003ewill be vulnerable to this problem.\u003cbr\u003e\u003cbr\u003eIn the case of NPN, the protocol permits the client to opportunistically select\u003cbr\u003ea protocol when there is no overlap. OpenSSL returns the first client protocol\u003cbr\u003ein the no overlap case in support of this. The list of client protocols comes\u003cbr\u003efrom the application and should never normally be expected to be of zero length.\u003cbr\u003eHowever if the SSL_select_next_proto function is accidentally called with a\u003cbr\u003eclient_len of 0 then an invalid memory pointer will be returned instead. If the\u003cbr\u003eapplication uses this output as the opportunistic protocol then the loss of\u003cbr\u003econfidentiality will occur.\u003cbr\u003e\u003cbr\u003eThis issue has been assessed as Low severity because applications are most\u003cbr\u003elikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\u003cbr\u003ewidely used. It also requires an application configuration or programming error.\u003cbr\u003eFinally, this issue would not typically be under attacker control making active\u003cbr\u003eexploitation unlikely.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\u003cbr\u003e\u003cbr\u003e\\n\\nDue to the low severity of this issue we are not issuing new releases of\u003cbr\u003eOpenSSL at this time. The fix will be included in the next releases when they\u003cbr\u003ebecome available.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200 Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2024-07-12T14:06:04.752Z\"}}}", "cveMetadata": "{\"cveId\": \"CVE-2024-5535\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:54:20.802Z\", \"dateReserved\": \"2024-05-30T15:34:36.813Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2024-06-27T10:30:53.118Z\", \"assignerShortName\": \"openssl\"}", "dataType": "CVE_RECORD", "dataVersion": "5.1" } } }
ncsc-2025-0028
Vulnerability from csaf_ncscnl
Published
2025-01-22 13:36
Modified
2025-01-22 13:36
Summary
Kwetsbaarheden verholpen in Oracle Analytics
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-248
Uncaught Exception
CWE-674
Uncontrolled Recursion
CWE-611
Improper Restriction of XML External Entity Reference
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-789
Memory Allocation with Excessive Size Value
CWE-20
Improper Input Validation
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-1395
Dependency on Vulnerable Third-Party Component
CWE-670
Always-Incorrect Control Flow Implementation
CWE-399
CWE-399
CWE-326
Inadequate Encryption Strength
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-834
Excessive Iteration
CWE-311
Missing Encryption of Sensitive Data
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "NULL Pointer Dereference", "title": "CWE-476" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "general", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "Uncaught Exception", "title": "CWE-248" }, { "category": "general", "text": "Uncontrolled Recursion", "title": "CWE-674" }, { "category": "general", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" }, { "category": "general", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Memory Allocation with Excessive Size Value", "title": "CWE-789" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" }, { "category": "general", "text": "Dependency on Vulnerable Third-Party Component", "title": "CWE-1395" }, { "category": "general", "text": "Always-Incorrect Control Flow Implementation", "title": "CWE-670" }, { "category": "general", "text": "CWE-399", "title": "CWE-399" }, { "category": "general", "text": "Inadequate Encryption Strength", "title": "CWE-326" }, { "category": "general", "text": "Incorrect Resource Transfer Between Spheres", "title": "CWE-669" }, { "category": "general", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" }, { "category": "general", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "general", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "general", "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)", "title": "CWE-444" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "general", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; nvd; oracle", "url": "https://www.oracle.com/security-alerts/cpujan2025.html" } ], "title": "Kwetsbaarheden verholpen in Oracle Analytics", "tracking": { "current_release_date": "2025-01-22T13:36:58.196605Z", "id": "NCSC-2025-0028", "initial_release_date": "2025-01-22T13:36:58.196605Z", "revision_history": [ { "date": "2025-01-22T13:36:58.196605Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "business_intelligence", "product": { "name": "business_intelligence", "product_id": "CSAFPID-1503296", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence", "product": { "name": "business_intelligence", "product_id": "CSAFPID-220360", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:enterprise:*:*" } } }, { "category": "product_name", "name": "business_intelligence", "product": { "name": "business_intelligence", "product_id": "CSAFPID-135810", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence", "product": { "name": "business_intelligence", "product_id": "CSAFPID-219994", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:enterprise:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence", "product": { "name": "business_intelligence", "product_id": "CSAFPID-219817", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence:6.4.0.0.0:enterprise:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence", "product": { "name": "business_intelligence", "product_id": "CSAFPID-1503297", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence", "product": { "name": "business_intelligence", "product_id": "CSAFPID-257324", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence", "product": { "name": "business_intelligence", "product_id": "CSAFPID-1503298", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence", "product": { "name": "business_intelligence", "product_id": "CSAFPID-1650736", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-765384", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764234", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-765387", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764778", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764929", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764235", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764930", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764236", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-1503574", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-1503573", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-765388", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___5.9.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764727", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764729", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-765383", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-765385", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-765389", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___5.9.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764725", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764728", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764730", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-764726", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "business_intelligence_enterprise_edition", "product": { "name": "business_intelligence_enterprise_edition", "product_id": "CSAFPID-765386", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_storage_service_integration___12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "bi_publisher", "product": { "name": "bi_publisher", "product_id": "CSAFPID-9197", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "bi_publisher", "product": { "name": "bi_publisher", "product_id": "CSAFPID-9493", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "bi_publisher", "product": { "name": "bi_publisher", "product_id": "CSAFPID-220546", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "bi_publisher", "product": { "name": "bi_publisher", "product_id": "CSAFPID-228391", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "bi_publisher", "product": { "name": "bi_publisher", "product_id": "CSAFPID-220545", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "bi_publisher", "product": { "name": "bi_publisher", "product_id": "CSAFPID-220560", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "bi_publisher", "product": { "name": "bi_publisher", "product_id": "CSAFPID-1673195", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "analytics_desktop", "product": { "name": "analytics_desktop", "product_id": "CSAFPID-816763", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "analytics_desktop", "product": { "name": "analytics_desktop", "product_id": "CSAFPID-816761", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "analytics_desktop", "product": { "name": "analytics_desktop", "product_id": "CSAFPID-816762", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "analytics_desktop", "product": { "name": "analytics_desktop", "product_id": "CSAFPID-1751172", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:analytics_desktop:8.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "analytics_desktop", "product": { "name": "analytics_desktop", "product_id": "CSAFPID-1650735", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:analytics_desktop:prior_to_7.8.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "analytics_desktop", "product": { "name": "analytics_desktop", "product_id": "CSAFPID-1751157", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:analytics_desktop:prior_to_8.1.0:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle" } ] }, "vulnerabilities": [ { "cve": "CVE-2016-10000", "references": [ { "category": "self", "summary": "CVE-2016-10000", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2016/CVE-2016-10000.json" } ], "title": "CVE-2016-10000" }, { "cve": "CVE-2020-2849", "product_status": { "known_affected": [ "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2020-2849", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-2849.json" } ], "title": "CVE-2020-2849" }, { "cve": "CVE-2020-7760", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2020-7760", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-7760.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-257324" ] } ], "title": "CVE-2020-7760" }, { "cve": "CVE-2020-13956", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-228391", "CSAFPID-764778", "CSAFPID-220546", "CSAFPID-9197", "CSAFPID-764929", "CSAFPID-764930", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-1503574", "CSAFPID-257324", "CSAFPID-135810" ] }, "references": [ { "category": "self", "summary": "CVE-2020-13956", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13956.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-228391", "CSAFPID-764778", "CSAFPID-220546", "CSAFPID-9197", "CSAFPID-764929", "CSAFPID-764930", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-1503574", "CSAFPID-257324", "CSAFPID-135810" ] } ], "title": "CVE-2020-13956" }, { "cve": "CVE-2020-28975", "product_status": { "known_affected": [ "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2020-28975", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-28975.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-257324" ] } ], "title": "CVE-2020-28975" }, { "cve": "CVE-2021-23926", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" }, { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" } ], "product_status": { "known_affected": [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9493", "CSAFPID-764778", "CSAFPID-228391", "CSAFPID-135810", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-220546", "CSAFPID-9197", "CSAFPID-764929", "CSAFPID-764930" ] }, "references": [ { "category": "self", "summary": "CVE-2021-23926", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-23926.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9493", "CSAFPID-764778", "CSAFPID-228391", "CSAFPID-135810", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-220546", "CSAFPID-9197", "CSAFPID-764929", "CSAFPID-764930" ] } ], "title": "CVE-2021-23926" }, { "cve": "CVE-2021-33813", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "notes": [ { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" } ], "product_status": { "known_affected": [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9197", "CSAFPID-9493", "CSAFPID-228391", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-135810" ] }, "references": [ { "category": "self", "summary": "CVE-2021-33813", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33813.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9197", "CSAFPID-9493", "CSAFPID-228391", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-135810" ] } ], "title": "CVE-2021-33813" }, { "cve": "CVE-2022-40150", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9493", "CSAFPID-764778", "CSAFPID-228391", "CSAFPID-135810", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574" ] }, "references": [ { "category": "self", "summary": "CVE-2022-40150", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40150.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9493", "CSAFPID-764778", "CSAFPID-228391", "CSAFPID-135810", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574" ] } ], "title": "CVE-2022-40150" }, { "cve": "CVE-2023-2976", "cwe": { "id": "CWE-552", "name": "Files or Directories Accessible to External Parties" }, "notes": [ { "category": "other", "text": "Files or Directories Accessible to External Parties", "title": "CWE-552" }, { "category": "other", "text": "Creation of Temporary File in Directory with Insecure Permissions", "title": "CWE-379" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-2976", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-9493", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324" ] } ], "title": "CVE-2023-2976" }, { "cve": "CVE-2023-4785", "cwe": { "id": "CWE-248", "name": "Uncaught Exception" }, "notes": [ { "category": "other", "text": "Uncaught Exception", "title": "CWE-248" } ], "product_status": { "known_affected": [ "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4785", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4785.json" } ], "title": "CVE-2023-4785" }, { "cve": "CVE-2023-7272", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-7272", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7272.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-257324" ] } ], "title": "CVE-2023-7272" }, { "cve": "CVE-2023-24998", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "other", "text": "CWE-399", "title": "CWE-399" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-135810" ] }, "references": [ { "category": "self", "summary": "CVE-2023-24998", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json" } ], "title": "CVE-2023-24998" }, { "cve": "CVE-2023-25399", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "other", "text": "Missing Release of Memory after Effective Lifetime", "title": "CWE-401" } ], "product_status": { "known_affected": [ "CSAFPID-1650736", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-25399", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-25399.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650736", "CSAFPID-257324" ] } ], "title": "CVE-2023-25399" }, { "cve": "CVE-2023-29824", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1650736", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-29824", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29824.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650736", "CSAFPID-257324" ] } ], "title": "CVE-2023-29824" }, { "cve": "CVE-2023-32732", "cwe": { "id": "CWE-440", "name": "Expected Behavior Violation" }, "notes": [ { "category": "other", "text": "Expected Behavior Violation", "title": "CWE-440" } ], "product_status": { "known_affected": [ "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-32732", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32732.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-257324" ] } ], "title": "CVE-2023-32732" }, { "cve": "CVE-2023-33202", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1650735", "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-33202", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33202.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650735", "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324" ] } ], "title": "CVE-2023-33202" }, { "cve": "CVE-2023-33953", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "notes": [ { "category": "other", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "other", "text": "Memory Allocation with Excessive Size Value", "title": "CWE-789" } ], "product_status": { "known_affected": [ "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-33953", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33953.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-257324" ] } ], "title": "CVE-2023-33953" }, { "cve": "CVE-2023-43804", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-43804", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43804.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324" ] } ], "title": "CVE-2023-43804" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-44487", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324" ] } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-45803", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-45803", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45803.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324" ] } ], "title": "CVE-2023-45803" }, { "cve": "CVE-2023-50782", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "notes": [ { "category": "other", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "other", "text": "Observable Discrepancy", "title": "CWE-203" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2023-50782", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50782.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324" ] } ], "title": "CVE-2023-50782" }, { "cve": "CVE-2024-0727", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-135810", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574" ] }, "references": [ { "category": "self", "summary": "CVE-2024-0727", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-135810", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574" ] } ], "title": "CVE-2024-0727" }, { "cve": "CVE-2024-1135", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "notes": [ { "category": "other", "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)", "title": "CWE-444" } ], "product_status": { "known_affected": [ "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-1135", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1135.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-257324" ] } ], "title": "CVE-2024-1135" }, { "cve": "CVE-2024-4741", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-135810" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4741", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json" } ], "title": "CVE-2024-4741" }, { "cve": "CVE-2024-5535", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "other", "text": "Dependency on Vulnerable Third-Party Component", "title": "CWE-1395" } ], "product_status": { "known_affected": [ "CSAFPID-135810", "CSAFPID-1650736", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5535", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-135810", "CSAFPID-1650736", "CSAFPID-257324" ] } ], "title": "CVE-2024-5535" }, { "cve": "CVE-2024-7254", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Uncontrolled Recursion", "title": "CWE-674" } ], "product_status": { "known_affected": [ "CSAFPID-220560", "CSAFPID-1673195", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-7254", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-220560", "CSAFPID-1673195", "CSAFPID-257324" ] } ], "title": "CVE-2024-7254" }, { "cve": "CVE-2024-22195", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22195", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22195.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324" ] } ], "title": "CVE-2024-22195" }, { "cve": "CVE-2024-26130", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26130", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324" ] } ], "title": "CVE-2024-26130" }, { "cve": "CVE-2024-29025", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-220560", "CSAFPID-1673195" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29025", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-220560", "CSAFPID-1673195" ] } ], "title": "CVE-2024-29025" }, { "cve": "CVE-2024-29131", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-257324", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-1650736" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-257324", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-1650736" ] } ], "title": "CVE-2024-29131" }, { "cve": "CVE-2024-34064", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-34064", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-257324" ] } ], "title": "CVE-2024-34064" }, { "cve": "CVE-2024-35195", "cwe": { "id": "CWE-670", "name": "Always-Incorrect Control Flow Implementation" }, "notes": [ { "category": "other", "text": "Always-Incorrect Control Flow Implementation", "title": "CWE-670" } ], "product_status": { "known_affected": [ "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-35195", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-257324" ] } ], "title": "CVE-2024-35195" }, { "cve": "CVE-2024-36114", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1650736", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36114", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650736", "CSAFPID-257324" ] } ], "title": "CVE-2024-36114" }, { "cve": "CVE-2024-37891", "cwe": { "id": "CWE-669", "name": "Incorrect Resource Transfer Between Spheres" }, "notes": [ { "category": "other", "text": "Incorrect Resource Transfer Between Spheres", "title": "CWE-669" } ], "product_status": { "known_affected": [ "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37891", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-257324" ] } ], "title": "CVE-2024-37891" }, { "cve": "CVE-2024-38809", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "other", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-220560", "CSAFPID-1673195", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-135810" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38809", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "CSAFPID-220560", "CSAFPID-1673195", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-135810" ] } ], "title": "CVE-2024-38809" }, { "cve": "CVE-2024-38820", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "other", "text": "Improper Handling of Case Sensitivity", "title": "CWE-178" } ], "product_status": { "known_affected": [ "CSAFPID-220560", "CSAFPID-1673195" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38820", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-220560", "CSAFPID-1673195" ] } ], "title": "CVE-2024-38820" }, { "cve": "CVE-2024-43382", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "other", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "other", "text": "Inadequate Encryption Strength", "title": "CWE-326" } ], "product_status": { "known_affected": [ "CSAFPID-220560", "CSAFPID-1673195" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43382", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43382.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-220560", "CSAFPID-1673195" ] } ], "title": "CVE-2024-43382" }, { "cve": "CVE-2024-47561", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" } ], "product_status": { "known_affected": [ "CSAFPID-1650736", "CSAFPID-257324" ] }, "references": [ { "category": "self", "summary": "CVE-2024-47561", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650736", "CSAFPID-257324" ] } ], "title": "CVE-2024-47561" }, { "cve": "CVE-2025-21532", "product_status": { "known_affected": [ "CSAFPID-1751157" ] }, "references": [ { "category": "self", "summary": "CVE-2025-21532", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21532.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1751157" ] } ], "title": "CVE-2025-21532" } ] }
NCSC-2024-0416
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:18
Modified
2024-10-17 13:18
Summary
Kwetsbaarheden verholpen in Oracle Financial Services Applications
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in Financial Services Applications.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Cross-Site-Scripting (XSS)
- Denial-of-Service (DoS)
- Manipuleren van data
- Uitvoer van willekeurige code (Gebruikersrechten)
- Uitvoer van willekeurige code (Administratorrechten)
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-1188
Initialization of a Resource with an Insecure Default
CWE-95
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-404
Improper Resource Shutdown or Release
CWE-306
Missing Authentication for Critical Function
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-295
Improper Certificate Validation
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-20
Improper Input Validation
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Oracle heeft kwetsbaarheden verholpen in Financial Services Applications.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Cross-Site-Scripting (XSS)\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" }, { "category": "general", "text": "Initialization of a Resource with an Insecure Default", "title": "CWE-1188" }, { "category": "general", "text": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)", "title": "CWE-95" }, { "category": "general", "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)", "title": "CWE-601" }, { "category": "general", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "Missing Authentication for Critical Function", "title": "CWE-306" }, { "category": "general", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "general", "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)", "title": "CWE-94" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", "url": "https://www.oracle.com/security-alerts/cpuoct2024.html" } ], "title": "Kwetsbaarheden verholpen in Oracle Financial Services Applications", "tracking": { "current_release_date": "2024-10-17T13:18:45.385015Z", "id": "NCSC-2024-0416", "initial_release_date": "2024-10-17T13:18:45.385015Z", "revision_history": [ { "date": "2024-10-17T13:18:45.385015Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221114", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:18.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94303", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:18.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221111", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:18.3.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94302", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:18.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221109", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-816813", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94301", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221107", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94300", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221106", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-816814", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:21.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94299", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:21.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221103", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-816815", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94296", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221102", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-816816", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94294", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-764256", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-1503320", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:14.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912088", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912087", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912086", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912568", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:_reports___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912569", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:_reports___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912570", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:_reports___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-764257", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-1503613", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912091", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912090", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912089", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-220172", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-220168", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-1673521", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-1673498", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.5.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912571", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:_accessibility___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912572", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:_accessibility___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912573", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:_accessibility___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_collections_and_recovery", "product": { "name": "banking_collections_and_recovery", "product_id": "CSAFPID-816817", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_collections_and_recovery:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending", "product": { "name": "banking_corporate_lending", "product_id": "CSAFPID-764258", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-764259", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-1503614", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-1503615", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-1503616", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-1503617", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-764260", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-1503618", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-1503619", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-1503620", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-220170", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_deposits_and_lines_of_credit_servicing", "product": { "name": "banking_deposits_and_lines_of_credit_servicing", "product_id": "CSAFPID-912574", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.12.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_deposits_and_lines_of_credit_servicing", "product": { "name": "banking_deposits_and_lines_of_credit_servicing", "product_id": "CSAFPID-611428", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.12:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_deposits_and_lines_of_credit_servicing", "product": { "name": "banking_deposits_and_lines_of_credit_servicing", "product_id": "CSAFPID-387666", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221113", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:18.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-9129", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221112", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:18.3.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-9569", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221110", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-816818", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-9611", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221108", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-9198", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221105", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-816819", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:21.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-94298", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:21.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221104", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-816820", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-94297", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221101", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-816821", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-94293", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_electronic_data_exchange_for_corporates", "product": { "name": "banking_electronic_data_exchange_for_corporates", "product_id": "CSAFPID-764261", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_electronic_data_exchange_for_corporates:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_enterprise_default_management", "product": { "name": "banking_enterprise_default_management", "product_id": "CSAFPID-816822", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_enterprise_default_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_enterprise_default_management", "product": { "name": "banking_enterprise_default_management", "product_id": "CSAFPID-912575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_enterprise_default_management", "product": { "name": "banking_enterprise_default_management", "product_id": "CSAFPID-912576", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_extensibility_workbench", "product": { "name": "banking_extensibility_workbench", "product_id": "CSAFPID-816823", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_extensibility_workbench:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-764262", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912094", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-1673190", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.12.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-220156", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.8.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912093", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-764747", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-220154", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912092", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-764748", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-220152", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-816824", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-1673189", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.6.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-220151", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-1673482", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-1673499", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912577", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:_common___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912578", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:_common___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912579", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:_common___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912580", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:_infrastructure___14.7.0.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_loans_servicing", "product": { "name": "banking_loans_servicing", "product_id": "CSAFPID-912581", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_loans_servicing:2.12.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_loans_servicing", "product": { "name": "banking_loans_servicing", "product_id": "CSAFPID-611718", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_loans_servicing:2.12:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-764263", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912064", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912063", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-224806", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912062", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-258398", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.7.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-220173", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912582", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:_basic_config_maintenances___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912583", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:_basic_config_maintenances___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912584", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:_basic_config_maintenances___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_party_management", "product": { "name": "banking_party_management", "product_id": "CSAFPID-816825", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_party_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_party_management", "product": { "name": "banking_party_management", "product_id": "CSAFPID-912095", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_party_management:2.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_party_management", "product": { "name": "banking_party_management", "product_id": "CSAFPID-387665", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_party_management:2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_payments", "product": { "name": "banking_payments", "product_id": "CSAFPID-764264", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_payments:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_payments", "product": { "name": "banking_payments", "product_id": "CSAFPID-94387", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_payments:14.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_payments", "product": { "name": "banking_payments", "product_id": "CSAFPID-220552", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_payments:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_payments", "product": { "name": "banking_payments", "product_id": "CSAFPID-220160", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_payments:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-912585", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.12.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-204520", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-1503621", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-9430", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-912096", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-9390", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-764265", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-220171", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.7.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-220169", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-1673520", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.7.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-1673500", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.7.5.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance", "product": { "name": "banking_trade_finance", "product_id": "CSAFPID-631680", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance", "product": { "name": "banking_trade_finance", "product_id": "CSAFPID-94386", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance:14.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance", "product": { "name": "banking_trade_finance", "product_id": "CSAFPID-344967", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance", "product": { "name": "banking_trade_finance", "product_id": "CSAFPID-220194", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-764266", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-220157", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0.8.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-220155", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.6.0.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-220153", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.7.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-220150", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_treasury_management", "product": { "name": "banking_treasury_management", "product_id": "CSAFPID-764749", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_treasury_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_treasury_management", "product": { "name": "banking_treasury_management", "product_id": "CSAFPID-94389", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_treasury_management:14.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_treasury_management", "product": { "name": "banking_treasury_management", "product_id": "CSAFPID-220553", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_treasury_management:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_treasury_management", "product": { "name": "banking_treasury_management", "product_id": "CSAFPID-220195", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_treasury_management:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-764267", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912099", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-180211", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912098", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-201568", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912097", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-201569", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912586", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:_common_core___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912587", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:_common_core___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912588", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:_common_core___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-9711", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-345045", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-9300", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-345044", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-9522", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-345043", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-8848", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-345042", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-189066", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-93309", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-189065", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-93305", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-189064", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-189063", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_reconciliation_framework", "product": { "name": "financial_services_analytical_applications_reconciliation_framework", "product_id": "CSAFPID-363146", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.0.7.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_reconciliation_framework", "product": { "name": "financial_services_analytical_applications_reconciliation_framework", "product_id": "CSAFPID-363129", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.1.1.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674656", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674663", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674659", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.5.0.12.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674662", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674666", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674661", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.7.0.6.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674664", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.7.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674658", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.7.5.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674653", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:19.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674668", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:21.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674669", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:22.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674667", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:22.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674655", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:3.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674657", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:4.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674660", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:5.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674654", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:8.1.2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674665", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:8.1.2.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_asset_liability_management", "product": { "name": "financial_services_asset_liability_management", "product_id": "CSAFPID-363142", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7.8.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_balance_computation_engine", "product": { "name": "financial_services_balance_computation_engine", "product_id": "CSAFPID-363130", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_balance_computation_engine:8.1.1.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_balance_sheet_planning", "product": { "name": "financial_services_balance_sheet_planning", "product_id": "CSAFPID-363135", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8.1.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_basel_regulatory_capital_basic", "product": { "name": "financial_services_basel_regulatory_capital_basic", "product_id": "CSAFPID-1503626", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_basel_regulatory_capital_basic", "product": { "name": "financial_services_basel_regulatory_capital_basic", "product_id": "CSAFPID-1503627", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach", "product": { "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach", "product_id": "CSAFPID-1503628", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach", "product": { "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach", "product_id": "CSAFPID-1503629", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-189067", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-93307", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-345041", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-219772", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-219770", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-816828", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-1503630", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_cash_flow_engine", "product": { "name": "financial_services_cash_flow_engine", "product_id": "CSAFPID-764273", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-345047", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-816829", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-1503631", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-1503632", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-1673398", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_crime_and_compliance_management_studio", "product": { "name": "financial_services_crime_and_compliance_management_studio", "product_id": "CSAFPID-391382", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_currency_transaction_reporting", "product": { "name": "financial_services_currency_transaction_reporting", "product_id": "CSAFPID-493291", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.0.8.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_currency_transaction_reporting", "product": { "name": "financial_services_currency_transaction_reporting", "product_id": "CSAFPID-493290", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.1.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_currency_transaction_reporting", "product": { "name": "financial_services_currency_transaction_reporting", "product_id": "CSAFPID-493289", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_currency_transaction_reporting", "product": { "name": "financial_services_currency_transaction_reporting", "product_id": "CSAFPID-493288", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.4.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_governance_for_us_regulatory_reporting", "product": { "name": "financial_services_data_governance_for_us_regulatory_reporting", "product_id": "CSAFPID-363128", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_governance_for_us_regulatory_reporting", "product": { "name": "financial_services_data_governance_for_us_regulatory_reporting", "product_id": "CSAFPID-363127", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_integration_hub", "product": { "name": "financial_services_data_integration_hub", "product_id": "CSAFPID-363144", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_integration_hub", "product": { "name": "financial_services_data_integration_hub", "product_id": "CSAFPID-363131", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0.1.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_integration_hub", "product": { "name": "financial_services_data_integration_hub", "product_id": "CSAFPID-363126", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.2.2.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management", "product": { "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management", "product_id": "CSAFPID-363143", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.7.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management", "product": { "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management", "product_id": "CSAFPID-363133", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.8.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-219774", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-1503633", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-180190", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-1503634", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-345040", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-219773", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-219771", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-816830", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-1503635", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-1503636", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_financial_performance_analytics", "product": { "name": "financial_services_enterprise_financial_performance_analytics", "product_id": "CSAFPID-363141", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_funds_transfer_pricing", "product": { "name": "financial_services_funds_transfer_pricing", "product_id": "CSAFPID-363138", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_institutional_performance_analytics", "product": { "name": "financial_services_institutional_performance_analytics", "product_id": "CSAFPID-363136", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_lending_and_leasing", "product": { "name": "financial_services_lending_and_leasing", "product_id": "CSAFPID-816831", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_liquidity_risk_measurement_and_management", "product": { "name": "financial_services_liquidity_risk_measurement_and_management", "product_id": "CSAFPID-363145", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_liquidity_risk_measurement_and_management", "product": { "name": "financial_services_liquidity_risk_measurement_and_management", "product_id": "CSAFPID-363132", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_loan_loss_forecasting_and_provisioning", "product": { "name": "financial_services_loan_loss_forecasting_and_provisioning", "product_id": "CSAFPID-363140", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_loan_loss_forecasting_and_provisioning", "product": { "name": "financial_services_loan_loss_forecasting_and_provisioning", "product_id": "CSAFPID-363134", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.8.2.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-396508", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-396507", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-611392", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-611391", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-1503319", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-1503318", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_profitability_management", "product": { "name": "financial_services_profitability_management", "product_id": "CSAFPID-363139", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting_with_agilereporter", "product": { "name": "financial_services_regulatory_reporting_with_agilereporter", "product_id": "CSAFPID-611433", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.1.1.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting", "product": { "name": "financial_services_regulatory_reporting", "product_id": "CSAFPID-570314", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.0.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting", "product": { "name": "financial_services_regulatory_reporting", "product_id": "CSAFPID-570313", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting", "product": { "name": "financial_services_regulatory_reporting", "product_id": "CSAFPID-570312", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting", "product": { "name": "financial_services_regulatory_reporting", "product_id": "CSAFPID-570311", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_retail_performance_analytics", "product": { "name": "financial_services_retail_performance_analytics", "product_id": "CSAFPID-363137", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_revenue_management_and_billing", "product": { "name": "financial_services_revenue_management_and_billing", "product_id": "CSAFPID-765266", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_revenue_management_and_billing", "product": { "name": "financial_services_revenue_management_and_billing", "product_id": "CSAFPID-219833", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_revenue_management_and_billing", "product": { "name": "financial_services_revenue_management_and_billing", "product_id": "CSAFPID-344846", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_revenue_management_and_billing", "product": { "name": "financial_services_revenue_management_and_billing", "product_id": "CSAFPID-912589", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-31160", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-9390", "CSAFPID-204520", "CSAFPID-94302", "CSAFPID-94301", "CSAFPID-94300", "CSAFPID-94299", "CSAFPID-94296", "CSAFPID-94294", "CSAFPID-764256", "CSAFPID-764257", "CSAFPID-764258", "CSAFPID-764259", "CSAFPID-764260", "CSAFPID-611428", "CSAFPID-387666", "CSAFPID-9569", "CSAFPID-9611", "CSAFPID-9198", "CSAFPID-94298", "CSAFPID-94297", "CSAFPID-94293", "CSAFPID-764261", "CSAFPID-764262", "CSAFPID-611718", "CSAFPID-764263", "CSAFPID-387665", "CSAFPID-764264", "CSAFPID-9430", "CSAFPID-764265", "CSAFPID-631680", "CSAFPID-764266", "CSAFPID-764267", "CSAFPID-764273", "CSAFPID-611392", "CSAFPID-611391", "CSAFPID-221114", "CSAFPID-221111", "CSAFPID-221109", "CSAFPID-221107", "CSAFPID-221106", "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-220172", "CSAFPID-220168", "CSAFPID-220170", "CSAFPID-221113", "CSAFPID-221112", "CSAFPID-221110", "CSAFPID-221108", "CSAFPID-221105", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-220156", "CSAFPID-764747", "CSAFPID-220154", "CSAFPID-764748", "CSAFPID-220152", "CSAFPID-220151", "CSAFPID-224806", "CSAFPID-220173", "CSAFPID-258398", "CSAFPID-220171", "CSAFPID-220169", "CSAFPID-220157", "CSAFPID-220155", "CSAFPID-220153", "CSAFPID-220150", "CSAFPID-764749", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-8848", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-219772", "CSAFPID-219770", "CSAFPID-345047", "CSAFPID-219774", "CSAFPID-180190", "CSAFPID-219773", "CSAFPID-219771", "CSAFPID-189064", "CSAFPID-189063", "CSAFPID-363146", "CSAFPID-363129", "CSAFPID-363142", "CSAFPID-363130", "CSAFPID-363135", "CSAFPID-345041", "CSAFPID-391382", "CSAFPID-493291", "CSAFPID-493290", "CSAFPID-493289", "CSAFPID-493288", "CSAFPID-363128", "CSAFPID-363127", "CSAFPID-363144", "CSAFPID-363131", "CSAFPID-363126", "CSAFPID-363143", "CSAFPID-363133", "CSAFPID-345040", "CSAFPID-363141", "CSAFPID-363138", "CSAFPID-363136", "CSAFPID-363145", "CSAFPID-363132", "CSAFPID-363140", "CSAFPID-363134", "CSAFPID-396508", "CSAFPID-396507", "CSAFPID-363139", "CSAFPID-570314", "CSAFPID-570313", "CSAFPID-570312", "CSAFPID-94303", "CSAFPID-9129", "CSAFPID-94387", "CSAFPID-220552", "CSAFPID-220160", "CSAFPID-94386", "CSAFPID-344967", "CSAFPID-220194", "CSAFPID-94389", "CSAFPID-220553", "CSAFPID-220195", "CSAFPID-180211", "CSAFPID-201568", "CSAFPID-201569", "CSAFPID-345045", "CSAFPID-345044", "CSAFPID-345043", "CSAFPID-345042", "CSAFPID-93309", "CSAFPID-93305", "CSAFPID-570311", "CSAFPID-611433", "CSAFPID-363137", "CSAFPID-219833", "CSAFPID-344846", "CSAFPID-816813", "CSAFPID-816814", "CSAFPID-816815", "CSAFPID-816816", "CSAFPID-816817", "CSAFPID-816818", "CSAFPID-816819", "CSAFPID-816820", "CSAFPID-816821", "CSAFPID-816822", "CSAFPID-816823", "CSAFPID-816824", "CSAFPID-816825", "CSAFPID-9522", "CSAFPID-816828", "CSAFPID-816829", "CSAFPID-816830", "CSAFPID-816831", "CSAFPID-765266", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-912568", "CSAFPID-912088", "CSAFPID-912569", "CSAFPID-912087", "CSAFPID-912570", "CSAFPID-912086", "CSAFPID-912571", "CSAFPID-912091", "CSAFPID-912572", "CSAFPID-912090", "CSAFPID-912573", "CSAFPID-912089", "CSAFPID-912574", "CSAFPID-912575", "CSAFPID-912576", "CSAFPID-912577", "CSAFPID-912094", "CSAFPID-912578", "CSAFPID-912093", "CSAFPID-912579", "CSAFPID-912092", "CSAFPID-912580", "CSAFPID-912581", "CSAFPID-912582", "CSAFPID-912064", "CSAFPID-912583", "CSAFPID-912063", "CSAFPID-912584", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-912585", "CSAFPID-912096", "CSAFPID-912586", "CSAFPID-912099", "CSAFPID-912587", "CSAFPID-912098", "CSAFPID-912588", "CSAFPID-912097", "CSAFPID-912589", "CSAFPID-1503320", "CSAFPID-1503613", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-1503621", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2022-31160", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-31160.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-9390", "CSAFPID-204520", "CSAFPID-94302", "CSAFPID-94301", "CSAFPID-94300", "CSAFPID-94299", "CSAFPID-94296", "CSAFPID-94294", "CSAFPID-764256", "CSAFPID-764257", "CSAFPID-764258", "CSAFPID-764259", "CSAFPID-764260", "CSAFPID-611428", "CSAFPID-387666", "CSAFPID-9569", "CSAFPID-9611", "CSAFPID-9198", "CSAFPID-94298", "CSAFPID-94297", "CSAFPID-94293", "CSAFPID-764261", "CSAFPID-764262", "CSAFPID-611718", "CSAFPID-764263", "CSAFPID-387665", "CSAFPID-764264", "CSAFPID-9430", "CSAFPID-764265", "CSAFPID-631680", "CSAFPID-764266", "CSAFPID-764267", "CSAFPID-764273", "CSAFPID-611392", "CSAFPID-611391", "CSAFPID-221114", "CSAFPID-221111", "CSAFPID-221109", "CSAFPID-221107", "CSAFPID-221106", "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-220172", "CSAFPID-220168", "CSAFPID-220170", "CSAFPID-221113", "CSAFPID-221112", "CSAFPID-221110", "CSAFPID-221108", "CSAFPID-221105", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-220156", "CSAFPID-764747", "CSAFPID-220154", "CSAFPID-764748", "CSAFPID-220152", "CSAFPID-220151", "CSAFPID-224806", "CSAFPID-220173", "CSAFPID-258398", "CSAFPID-220171", "CSAFPID-220169", "CSAFPID-220157", "CSAFPID-220155", "CSAFPID-220153", "CSAFPID-220150", "CSAFPID-764749", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-8848", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-219772", "CSAFPID-219770", "CSAFPID-345047", "CSAFPID-219774", "CSAFPID-180190", "CSAFPID-219773", "CSAFPID-219771", "CSAFPID-189064", "CSAFPID-189063", "CSAFPID-363146", "CSAFPID-363129", "CSAFPID-363142", "CSAFPID-363130", "CSAFPID-363135", "CSAFPID-345041", "CSAFPID-391382", "CSAFPID-493291", "CSAFPID-493290", "CSAFPID-493289", "CSAFPID-493288", "CSAFPID-363128", "CSAFPID-363127", "CSAFPID-363144", "CSAFPID-363131", "CSAFPID-363126", "CSAFPID-363143", "CSAFPID-363133", "CSAFPID-345040", "CSAFPID-363141", "CSAFPID-363138", "CSAFPID-363136", "CSAFPID-363145", "CSAFPID-363132", "CSAFPID-363140", "CSAFPID-363134", "CSAFPID-396508", "CSAFPID-396507", "CSAFPID-363139", "CSAFPID-570314", "CSAFPID-570313", "CSAFPID-570312", "CSAFPID-94303", "CSAFPID-9129", "CSAFPID-94387", "CSAFPID-220552", "CSAFPID-220160", "CSAFPID-94386", "CSAFPID-344967", "CSAFPID-220194", "CSAFPID-94389", "CSAFPID-220553", "CSAFPID-220195", "CSAFPID-180211", "CSAFPID-201568", "CSAFPID-201569", "CSAFPID-345045", "CSAFPID-345044", "CSAFPID-345043", "CSAFPID-345042", "CSAFPID-93309", "CSAFPID-93305", "CSAFPID-570311", "CSAFPID-611433", "CSAFPID-363137", "CSAFPID-219833", "CSAFPID-344846", "CSAFPID-816813", "CSAFPID-816814", "CSAFPID-816815", "CSAFPID-816816", "CSAFPID-816817", "CSAFPID-816818", "CSAFPID-816819", "CSAFPID-816820", "CSAFPID-816821", "CSAFPID-816822", "CSAFPID-816823", "CSAFPID-816824", "CSAFPID-816825", "CSAFPID-9522", "CSAFPID-816828", "CSAFPID-816829", "CSAFPID-816830", "CSAFPID-816831", "CSAFPID-765266", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-912568", "CSAFPID-912088", "CSAFPID-912569", "CSAFPID-912087", "CSAFPID-912570", "CSAFPID-912086", "CSAFPID-912571", "CSAFPID-912091", "CSAFPID-912572", "CSAFPID-912090", "CSAFPID-912573", "CSAFPID-912089", "CSAFPID-912574", "CSAFPID-912575", "CSAFPID-912576", "CSAFPID-912577", "CSAFPID-912094", "CSAFPID-912578", "CSAFPID-912093", "CSAFPID-912579", "CSAFPID-912092", "CSAFPID-912580", "CSAFPID-912581", "CSAFPID-912582", "CSAFPID-912064", "CSAFPID-912583", "CSAFPID-912063", "CSAFPID-912584", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-912585", "CSAFPID-912096", "CSAFPID-912586", "CSAFPID-912099", "CSAFPID-912587", "CSAFPID-912098", "CSAFPID-912588", "CSAFPID-912097", "CSAFPID-912589", "CSAFPID-1503320", "CSAFPID-1503613", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-1503621", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2022-31160" }, { "cve": "CVE-2023-34055", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-221109", "CSAFPID-221107", "CSAFPID-221106", "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-221110", "CSAFPID-221108", "CSAFPID-221105", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-8848", "CSAFPID-9300", "CSAFPID-9522", "CSAFPID-9711", "CSAFPID-93307", "CSAFPID-180190", "CSAFPID-189065", "CSAFPID-189066", "CSAFPID-189067", "CSAFPID-219770", "CSAFPID-219771", "CSAFPID-219774", "CSAFPID-344846", "CSAFPID-764256", "CSAFPID-764257", "CSAFPID-764259", "CSAFPID-764260", "CSAFPID-764261", "CSAFPID-764262", "CSAFPID-764263", "CSAFPID-764265", "CSAFPID-764266", "CSAFPID-764267", "CSAFPID-765266", "CSAFPID-816813", "CSAFPID-816814", "CSAFPID-816815", "CSAFPID-816816", "CSAFPID-816817", "CSAFPID-816818", "CSAFPID-816819", "CSAFPID-816820", "CSAFPID-816821", "CSAFPID-816822", "CSAFPID-816823", "CSAFPID-816824", "CSAFPID-816825", "CSAFPID-816828", "CSAFPID-816829", "CSAFPID-816830", "CSAFPID-816831", "CSAFPID-912062", "CSAFPID-912093", "CSAFPID-912094", "CSAFPID-912095", "CSAFPID-912096", "CSAFPID-912097", "CSAFPID-912098", "CSAFPID-912099", "CSAFPID-912568", "CSAFPID-912569", "CSAFPID-912570", "CSAFPID-912571", "CSAFPID-912572", "CSAFPID-912573", "CSAFPID-912574", "CSAFPID-912575", "CSAFPID-912576", "CSAFPID-912577", "CSAFPID-912578", "CSAFPID-912579", "CSAFPID-912580", "CSAFPID-912581", "CSAFPID-912582", "CSAFPID-912583", "CSAFPID-912584", "CSAFPID-912585", "CSAFPID-912586", "CSAFPID-912587", "CSAFPID-912588", "CSAFPID-912589", "CSAFPID-1503320", "CSAFPID-1503613", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-1503621", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2023-34055", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34055.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-221109", "CSAFPID-221107", "CSAFPID-221106", "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-221110", "CSAFPID-221108", "CSAFPID-221105", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-8848", "CSAFPID-9300", "CSAFPID-9522", "CSAFPID-9711", "CSAFPID-93307", "CSAFPID-180190", "CSAFPID-189065", "CSAFPID-189066", "CSAFPID-189067", "CSAFPID-219770", "CSAFPID-219771", "CSAFPID-219774", "CSAFPID-344846", "CSAFPID-764256", "CSAFPID-764257", "CSAFPID-764259", "CSAFPID-764260", "CSAFPID-764261", "CSAFPID-764262", "CSAFPID-764263", "CSAFPID-764265", "CSAFPID-764266", "CSAFPID-764267", "CSAFPID-765266", "CSAFPID-816813", "CSAFPID-816814", "CSAFPID-816815", "CSAFPID-816816", "CSAFPID-816817", "CSAFPID-816818", "CSAFPID-816819", "CSAFPID-816820", "CSAFPID-816821", "CSAFPID-816822", "CSAFPID-816823", "CSAFPID-816824", "CSAFPID-816825", "CSAFPID-816828", "CSAFPID-816829", "CSAFPID-816830", "CSAFPID-816831", "CSAFPID-912062", "CSAFPID-912093", "CSAFPID-912094", "CSAFPID-912095", "CSAFPID-912096", "CSAFPID-912097", "CSAFPID-912098", "CSAFPID-912099", "CSAFPID-912568", "CSAFPID-912569", "CSAFPID-912570", "CSAFPID-912571", "CSAFPID-912572", "CSAFPID-912573", "CSAFPID-912574", "CSAFPID-912575", "CSAFPID-912576", "CSAFPID-912577", "CSAFPID-912578", "CSAFPID-912579", "CSAFPID-912580", "CSAFPID-912581", "CSAFPID-912582", "CSAFPID-912583", "CSAFPID-912584", "CSAFPID-912585", "CSAFPID-912586", "CSAFPID-912587", "CSAFPID-912588", "CSAFPID-912589", "CSAFPID-1503320", "CSAFPID-1503613", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-1503621", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2023-34055" }, { "cve": "CVE-2023-37920", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "other", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "other", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" } ], "product_status": { "known_affected": [ "CSAFPID-1673398", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2023-37920", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673398", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2023-37920" }, { "cve": "CVE-2023-50447", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "other", "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)", "title": "CWE-94" }, { "category": "other", "text": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)", "title": "CWE-95" } ], "product_status": { "known_affected": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2023-50447", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50447.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2023-50447" }, { "cve": "CVE-2024-0232", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-0232", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json" } ], "title": "CVE-2024-0232" }, { "cve": "CVE-2024-2511", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" } ], "product_status": { "known_affected": [ "CSAFPID-1673482", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2511", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673482", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2024-2511" }, { "cve": "CVE-2024-5535", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "product_status": { "known_affected": [ "CSAFPID-1673520", "CSAFPID-1673521", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5535", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673520", "CSAFPID-1673521", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-5535" }, { "cve": "CVE-2024-21281", "product_status": { "known_affected": [ "CSAFPID-1673189", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21281", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21281.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673189", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-21281" }, { "cve": "CVE-2024-21284", "product_status": { "known_affected": [ "CSAFPID-1673190", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21284", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21284.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673190", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-21284" }, { "cve": "CVE-2024-21285", "product_status": { "known_affected": [ "CSAFPID-1673190", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21285", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21285.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673190", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-21285" }, { "cve": "CVE-2024-22262", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "notes": [ { "category": "other", "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)", "title": "CWE-601" } ], "product_status": { "known_affected": [ "CSAFPID-221102", "CSAFPID-221103", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22262", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-221102", "CSAFPID-221103", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2024-22262" }, { "cve": "CVE-2024-29025", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-221107", "CSAFPID-221103", "CSAFPID-221106", "CSAFPID-221102", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29025", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-221107", "CSAFPID-221103", "CSAFPID-221106", "CSAFPID-221102", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2024-29025" }, { "cve": "CVE-2024-32007", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673498", "CSAFPID-1673499", "CSAFPID-1673500", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-32007", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32007.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673498", "CSAFPID-1673499", "CSAFPID-1673500", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-32007" }, { "cve": "CVE-2024-32114", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "notes": [ { "category": "other", "text": "Missing Authentication for Critical Function", "title": "CWE-306" }, { "category": "other", "text": "Initialization of a Resource with an Insecure Default", "title": "CWE-1188" } ], "product_status": { "known_affected": [ "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-32114", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32114.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2024-32114" }, { "cve": "CVE-2024-43407", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-221102", "CSAFPID-221108", "CSAFPID-221107", "CSAFPID-221104", "CSAFPID-221103", "CSAFPID-221105", "CSAFPID-221101", "CSAFPID-221106", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43407", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43407.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-221102", "CSAFPID-221108", "CSAFPID-221107", "CSAFPID-221104", "CSAFPID-221103", "CSAFPID-221105", "CSAFPID-221101", "CSAFPID-221106", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-43407" } ] }
ncsc-2024-0420
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:20
Modified
2024-10-17 13:20
Summary
Kwetsbaarheden verholpen in Oracle MySQL
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in MySQL.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om toegang te krijgen tot gevoelige gegevens in de database en deze mogelijk te manipuleren.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-390
Detection of Error Condition Without Action
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-345
Insufficient Verification of Data Authenticity
CWE-190
Integer Overflow or Wraparound
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-20
Improper Input Validation
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Oracle heeft kwetsbaarheden verholpen in MySQL.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of om toegang te krijgen tot gevoelige gegevens in de database en deze mogelijk te manipuleren.", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "general", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" }, { "category": "general", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" }, { "category": "general", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", "url": "https://www.oracle.com/security-alerts/cpuoct2024.html" } ], "title": "Kwetsbaarheden verholpen in Oracle MySQL", "tracking": { "current_release_date": "2024-10-17T13:20:42.437738Z", "id": "NCSC-2024-0420", "initial_release_date": "2024-10-17T13:20:42.437738Z", "revision_history": [ { "date": "2024-10-17T13:20:42.437738Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "mysql_cluster", "product": { "name": "mysql_cluster", "product_id": "CSAFPID-764289", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "mysql_connectors", "product": { "name": "mysql_connectors", "product_id": "CSAFPID-221160", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "mysql", "product": { "name": "mysql", "product_id": "CSAFPID-249429", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "mysql_enterprise_backup", "product": { "name": "mysql_enterprise_backup", "product_id": "CSAFPID-1673522", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:mysql_enterprise_backup:9.0.1_and_prior:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "mysql_enterprise_monitor", "product": { "name": "mysql_enterprise_monitor", "product_id": "CSAFPID-764290", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "mysql_server", "product": { "name": "mysql_server", "product_id": "CSAFPID-504250", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "mysql_workbench", "product": { "name": "mysql_workbench", "product_id": "CSAFPID-764763", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "mysql_client", "product": { "name": "mysql_client", "product_id": "CSAFPID-1673440", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:mysql_client:9.0.1_and_prior:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-45853", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" } ], "product_status": { "known_affected": [ "CSAFPID-764289", "CSAFPID-221160", "CSAFPID-764290", "CSAFPID-504250", "CSAFPID-764763" ] }, "references": [ { "category": "self", "summary": "CVE-2023-45853", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45853.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-764289", "CSAFPID-221160", "CSAFPID-764290", "CSAFPID-504250", "CSAFPID-764763" ] } ], "title": "CVE-2023-45853" }, { "cve": "CVE-2024-5535", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "product_status": { "known_affected": [ "CSAFPID-1673522" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5535", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673522" ] } ], "title": "CVE-2024-5535" }, { "cve": "CVE-2024-7264", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673522" ] }, "references": [ { "category": "self", "summary": "CVE-2024-7264", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673522" ] } ], "title": "CVE-2024-7264" }, { "cve": "CVE-2024-21193", "references": [ { "category": "self", "summary": "CVE-2024-21193", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21193.json" } ], "title": "CVE-2024-21193" }, { "cve": "CVE-2024-21194", "references": [ { "category": "self", "summary": "CVE-2024-21194", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21194.json" } ], "title": "CVE-2024-21194" }, { "cve": "CVE-2024-21196", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21196", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21196.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21196" }, { "cve": "CVE-2024-21197", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21197", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21197.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21197" }, { "cve": "CVE-2024-21198", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21198", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21198.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21198" }, { "cve": "CVE-2024-21199", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21199", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21199.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21199" }, { "cve": "CVE-2024-21200", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21200", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21200.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21200" }, { "cve": "CVE-2024-21201", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21201", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21201.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21201" }, { "cve": "CVE-2024-21203", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21203", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21203.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21203" }, { "cve": "CVE-2024-21204", "references": [ { "category": "self", "summary": "CVE-2024-21204", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21204.json" } ], "title": "CVE-2024-21204" }, { "cve": "CVE-2024-21207", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21207", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21207.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21207" }, { "cve": "CVE-2024-21209", "product_status": { "known_affected": [ "CSAFPID-1673440", "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21209", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21209.json" } ], "scores": [ { "cvss_v3": { "baseScore": 2.0, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673440", "CSAFPID-249429" ] } ], "title": "CVE-2024-21209" }, { "cve": "CVE-2024-21212", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21212", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21212.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21212" }, { "cve": "CVE-2024-21213", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21213", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21213.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21213" }, { "cve": "CVE-2024-21218", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21218", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21218.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21218" }, { "cve": "CVE-2024-21219", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21219", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21219.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21219" }, { "cve": "CVE-2024-21230", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21230", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21230.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21230" }, { "cve": "CVE-2024-21231", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21231", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21231.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21231" }, { "cve": "CVE-2024-21232", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21232", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21232.json" } ], "scores": [ { "cvss_v3": { "baseScore": 2.2, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21232" }, { "cve": "CVE-2024-21236", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21236", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21236.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21236" }, { "cve": "CVE-2024-21237", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21237", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21237.json" } ], "scores": [ { "cvss_v3": { "baseScore": 2.2, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21237" }, { "cve": "CVE-2024-21238", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21238", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21238.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21238" }, { "cve": "CVE-2024-21239", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21239", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21239.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21239" }, { "cve": "CVE-2024-21241", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21241", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21241.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21241" }, { "cve": "CVE-2024-21243", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21243", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21243.json" } ], "scores": [ { "cvss_v3": { "baseScore": 2.2, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21243" }, { "cve": "CVE-2024-21244", "product_status": { "known_affected": [ "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21244", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21244.json" } ], "scores": [ { "cvss_v3": { "baseScore": 2.2, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-249429" ] } ], "title": "CVE-2024-21244" }, { "cve": "CVE-2024-21247", "product_status": { "known_affected": [ "CSAFPID-1673440", "CSAFPID-249429" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21247", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21247.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.8, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673440", "CSAFPID-249429" ] } ], "title": "CVE-2024-21247" }, { "cve": "CVE-2024-21262", "references": [ { "category": "self", "summary": "CVE-2024-21262", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21262.json" } ], "title": "CVE-2024-21262" }, { "cve": "CVE-2024-21272", "references": [ { "category": "self", "summary": "CVE-2024-21272", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21272.json" } ], "title": "CVE-2024-21272" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-764289", "CSAFPID-221160", "CSAFPID-764290", "CSAFPID-504250", "CSAFPID-764763" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28182", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-764289", "CSAFPID-221160", "CSAFPID-764290", "CSAFPID-504250", "CSAFPID-764763" ] } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-37371", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "notes": [ { "category": "other", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" } ], "references": [ { "category": "self", "summary": "CVE-2024-37371", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json" } ], "title": "CVE-2024-37371" }, { "cve": "CVE-2024-39689", "cwe": { "id": "CWE-345", "name": "Insufficient Verification of Data Authenticity" }, "notes": [ { "category": "other", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" } ], "references": [ { "category": "self", "summary": "CVE-2024-39689", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39689.json" } ], "title": "CVE-2024-39689" } ] }
ncsc-2024-0416
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:18
Modified
2024-10-17 13:18
Summary
Kwetsbaarheden verholpen in Oracle Financial Services Applications
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in Financial Services Applications.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Cross-Site-Scripting (XSS)
- Denial-of-Service (DoS)
- Manipuleren van data
- Uitvoer van willekeurige code (Gebruikersrechten)
- Uitvoer van willekeurige code (Administratorrechten)
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-1188
Initialization of a Resource with an Insecure Default
CWE-95
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-404
Improper Resource Shutdown or Release
CWE-306
Missing Authentication for Critical Function
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-416
Use After Free
CWE-295
Improper Certificate Validation
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-20
Improper Input Validation
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Oracle heeft kwetsbaarheden verholpen in Financial Services Applications.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Cross-Site-Scripting (XSS)\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" }, { "category": "general", "text": "Initialization of a Resource with an Insecure Default", "title": "CWE-1188" }, { "category": "general", "text": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)", "title": "CWE-95" }, { "category": "general", "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)", "title": "CWE-601" }, { "category": "general", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "Missing Authentication for Critical Function", "title": "CWE-306" }, { "category": "general", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "general", "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)", "title": "CWE-94" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", "url": "https://www.oracle.com/security-alerts/cpuoct2024.html" } ], "title": "Kwetsbaarheden verholpen in Oracle Financial Services Applications", "tracking": { "current_release_date": "2024-10-17T13:18:45.385015Z", "id": "NCSC-2024-0416", "initial_release_date": "2024-10-17T13:18:45.385015Z", "revision_history": [ { "date": "2024-10-17T13:18:45.385015Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221114", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:18.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94303", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:18.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221111", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:18.3.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94302", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:18.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221109", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-816813", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94301", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221107", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94300", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:19.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221106", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-816814", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:21.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94299", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:21.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221103", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-816815", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94296", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-221102", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-816816", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_apis", "product": { "name": "banking_apis", "product_id": "CSAFPID-94294", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_apis:22.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-764256", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-1503320", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:14.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912088", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912087", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912086", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912568", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:_reports___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912569", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:_reports___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_branch", "product": { "name": "banking_branch", "product_id": "CSAFPID-912570", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_branch:_reports___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-764257", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-1503613", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912091", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912090", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912089", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-220172", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-220168", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-1673521", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-1673498", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:14.7.5.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912571", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:_accessibility___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912572", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:_accessibility___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_cash_management", "product": { "name": "banking_cash_management", "product_id": "CSAFPID-912573", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_cash_management:_accessibility___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_collections_and_recovery", "product": { "name": "banking_collections_and_recovery", "product_id": "CSAFPID-816817", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_collections_and_recovery:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending", "product": { "name": "banking_corporate_lending", "product_id": "CSAFPID-764258", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-764259", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-1503614", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-1503615", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-1503616", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_corporate_lending_process_management", "product": { "name": "banking_corporate_lending_process_management", "product_id": "CSAFPID-1503617", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-764260", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-1503618", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-1503619", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-1503620", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_credit_facilities_process_management", "product": { "name": "banking_credit_facilities_process_management", "product_id": "CSAFPID-220170", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_credit_facilities_process_management:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_deposits_and_lines_of_credit_servicing", "product": { "name": "banking_deposits_and_lines_of_credit_servicing", "product_id": "CSAFPID-912574", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.12.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_deposits_and_lines_of_credit_servicing", "product": { "name": "banking_deposits_and_lines_of_credit_servicing", "product_id": "CSAFPID-611428", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.12:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_deposits_and_lines_of_credit_servicing", "product": { "name": "banking_deposits_and_lines_of_credit_servicing", "product_id": "CSAFPID-387666", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221113", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:18.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-9129", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221112", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:18.3.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-9569", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221110", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-816818", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-9611", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221108", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-9198", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221105", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-816819", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:21.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-94298", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:21.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221104", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-816820", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-94297", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-221101", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-816821", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_digital_experience", "product": { "name": "banking_digital_experience", "product_id": "CSAFPID-94293", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_electronic_data_exchange_for_corporates", "product": { "name": "banking_electronic_data_exchange_for_corporates", "product_id": "CSAFPID-764261", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_electronic_data_exchange_for_corporates:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_enterprise_default_management", "product": { "name": "banking_enterprise_default_management", "product_id": "CSAFPID-816822", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_enterprise_default_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_enterprise_default_management", "product": { "name": "banking_enterprise_default_management", "product_id": "CSAFPID-912575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_enterprise_default_management", "product": { "name": "banking_enterprise_default_management", "product_id": "CSAFPID-912576", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_extensibility_workbench", "product": { "name": "banking_extensibility_workbench", "product_id": "CSAFPID-816823", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_extensibility_workbench:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-764262", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912094", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-1673190", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.12.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-220156", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.8.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912093", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-764747", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-220154", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912092", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-764748", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-220152", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-816824", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-1673189", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.6.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-220151", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-1673482", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-1673499", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912577", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:_common___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912578", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:_common___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912579", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:_common___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_liquidity_management", "product": { "name": "banking_liquidity_management", "product_id": "CSAFPID-912580", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:_infrastructure___14.7.0.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_loans_servicing", "product": { "name": "banking_loans_servicing", "product_id": "CSAFPID-912581", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_loans_servicing:2.12.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_loans_servicing", "product": { "name": "banking_loans_servicing", "product_id": "CSAFPID-611718", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_loans_servicing:2.12:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-764263", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912064", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912063", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-224806", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912062", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-258398", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.7.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-220173", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912582", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:_basic_config_maintenances___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912583", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:_basic_config_maintenances___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_origination", "product": { "name": "banking_origination", "product_id": "CSAFPID-912584", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_origination:_basic_config_maintenances___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_party_management", "product": { "name": "banking_party_management", "product_id": "CSAFPID-816825", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_party_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_party_management", "product": { "name": "banking_party_management", "product_id": "CSAFPID-912095", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_party_management:2.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_party_management", "product": { "name": "banking_party_management", "product_id": "CSAFPID-387665", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_party_management:2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_payments", "product": { "name": "banking_payments", "product_id": "CSAFPID-764264", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_payments:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_payments", "product": { "name": "banking_payments", "product_id": "CSAFPID-94387", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_payments:14.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_payments", "product": { "name": "banking_payments", "product_id": "CSAFPID-220552", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_payments:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_payments", "product": { "name": "banking_payments", "product_id": "CSAFPID-220160", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_payments:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-912585", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.12.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-204520", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-1503621", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-9430", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-912096", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_platform", "product": { "name": "banking_platform", "product_id": "CSAFPID-9390", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-764265", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-220171", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.7.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-220169", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-1673520", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.7.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_supply_chain_finance", "product": { "name": "banking_supply_chain_finance", "product_id": "CSAFPID-1673500", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_supply_chain_finance:14.7.5.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance", "product": { "name": "banking_trade_finance", "product_id": "CSAFPID-631680", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance", "product": { "name": "banking_trade_finance", "product_id": "CSAFPID-94386", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance:14.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance", "product": { "name": "banking_trade_finance", "product_id": "CSAFPID-344967", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance", "product": { "name": "banking_trade_finance", "product_id": "CSAFPID-220194", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-764266", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-220157", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5.0.8.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-220155", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.6.0.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-220153", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.7.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_trade_finance_process_management", "product": { "name": "banking_trade_finance_process_management", "product_id": "CSAFPID-220150", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_trade_finance_process_management:14.7.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_treasury_management", "product": { "name": "banking_treasury_management", "product_id": "CSAFPID-764749", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_treasury_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_treasury_management", "product": { "name": "banking_treasury_management", "product_id": "CSAFPID-94389", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_treasury_management:14.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_treasury_management", "product": { "name": "banking_treasury_management", "product_id": "CSAFPID-220553", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_treasury_management:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_treasury_management", "product": { "name": "banking_treasury_management", "product_id": "CSAFPID-220195", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_treasury_management:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-764267", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912099", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-180211", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912098", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-201568", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912097", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-201569", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:14.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912586", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:_common_core___14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912587", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:_common_core___14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "banking_virtual_account_management", "product": { "name": "banking_virtual_account_management", "product_id": "CSAFPID-912588", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:banking_virtual_account_management:_common_core___14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-9711", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-345045", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-9300", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-345044", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-9522", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-345043", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-8848", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-345042", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-189066", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-93309", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-189065", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-93305", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-189064", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_infrastructure", "product": { "name": "financial_services_analytical_applications_infrastructure", "product_id": "CSAFPID-189063", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_reconciliation_framework", "product": { "name": "financial_services_analytical_applications_reconciliation_framework", "product_id": "CSAFPID-363146", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.0.7.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_analytical_applications_reconciliation_framework", "product": { "name": "financial_services_analytical_applications_reconciliation_framework", "product_id": "CSAFPID-363129", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.1.1.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674656", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.4.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674663", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674659", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.5.0.12.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674662", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.6.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674666", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.7.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674661", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.7.0.6.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674664", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.7.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674658", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:14.7.5.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674653", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:19.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674668", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:21.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674669", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:22.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674667", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:22.2.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674655", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:3.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674657", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:4.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674660", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:5.0.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674654", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:8.1.2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_applications", "product": { "name": "financial_services_applications", "product_id": "CSAFPID-1674665", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_applications:8.1.2.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_asset_liability_management", "product": { "name": "financial_services_asset_liability_management", "product_id": "CSAFPID-363142", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7.8.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_balance_computation_engine", "product": { "name": "financial_services_balance_computation_engine", "product_id": "CSAFPID-363130", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_balance_computation_engine:8.1.1.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_balance_sheet_planning", "product": { "name": "financial_services_balance_sheet_planning", "product_id": "CSAFPID-363135", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8.1.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_basel_regulatory_capital_basic", "product": { "name": "financial_services_basel_regulatory_capital_basic", "product_id": "CSAFPID-1503626", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_basel_regulatory_capital_basic", "product": { "name": "financial_services_basel_regulatory_capital_basic", "product_id": "CSAFPID-1503627", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach", "product": { "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach", "product_id": "CSAFPID-1503628", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach", "product": { "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach", "product_id": "CSAFPID-1503629", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-189067", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-93307", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-345041", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-219772", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-219770", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-816828", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_behavior_detection_platform", "product": { "name": "financial_services_behavior_detection_platform", "product_id": "CSAFPID-1503630", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_cash_flow_engine", "product": { "name": "financial_services_cash_flow_engine", "product_id": "CSAFPID-764273", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-345047", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-816829", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-1503631", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-1503632", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_compliance_studio", "product": { "name": "financial_services_compliance_studio", "product_id": "CSAFPID-1673398", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_crime_and_compliance_management_studio", "product": { "name": "financial_services_crime_and_compliance_management_studio", "product_id": "CSAFPID-391382", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_currency_transaction_reporting", "product": { "name": "financial_services_currency_transaction_reporting", "product_id": "CSAFPID-493291", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.0.8.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_currency_transaction_reporting", "product": { "name": "financial_services_currency_transaction_reporting", "product_id": "CSAFPID-493290", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.1.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_currency_transaction_reporting", "product": { "name": "financial_services_currency_transaction_reporting", "product_id": "CSAFPID-493289", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_currency_transaction_reporting", "product": { "name": "financial_services_currency_transaction_reporting", "product_id": "CSAFPID-493288", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.4.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_governance_for_us_regulatory_reporting", "product": { "name": "financial_services_data_governance_for_us_regulatory_reporting", "product_id": "CSAFPID-363128", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_governance_for_us_regulatory_reporting", "product": { "name": "financial_services_data_governance_for_us_regulatory_reporting", "product_id": "CSAFPID-363127", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_integration_hub", "product": { "name": "financial_services_data_integration_hub", "product_id": "CSAFPID-363144", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_integration_hub", "product": { "name": "financial_services_data_integration_hub", "product_id": "CSAFPID-363131", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0.1.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_data_integration_hub", "product": { "name": "financial_services_data_integration_hub", "product_id": "CSAFPID-363126", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.2.2.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management", "product": { "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management", "product_id": "CSAFPID-363143", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.7.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management", "product": { "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management", "product_id": "CSAFPID-363133", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.8.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-219774", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-1503633", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-180190", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-1503634", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-345040", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-219773", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-219771", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-816830", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-1503635", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_case_management", "product": { "name": "financial_services_enterprise_case_management", "product_id": "CSAFPID-1503636", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_enterprise_financial_performance_analytics", "product": { "name": "financial_services_enterprise_financial_performance_analytics", "product_id": "CSAFPID-363141", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_funds_transfer_pricing", "product": { "name": "financial_services_funds_transfer_pricing", "product_id": "CSAFPID-363138", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_institutional_performance_analytics", "product": { "name": "financial_services_institutional_performance_analytics", "product_id": "CSAFPID-363136", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_lending_and_leasing", "product": { "name": "financial_services_lending_and_leasing", "product_id": "CSAFPID-816831", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_liquidity_risk_measurement_and_management", "product": { "name": "financial_services_liquidity_risk_measurement_and_management", "product_id": "CSAFPID-363145", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_liquidity_risk_measurement_and_management", "product": { "name": "financial_services_liquidity_risk_measurement_and_management", "product_id": "CSAFPID-363132", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8.3.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_loan_loss_forecasting_and_provisioning", "product": { "name": "financial_services_loan_loss_forecasting_and_provisioning", "product_id": "CSAFPID-363140", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_loan_loss_forecasting_and_provisioning", "product": { "name": "financial_services_loan_loss_forecasting_and_provisioning", "product_id": "CSAFPID-363134", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.8.2.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-396508", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-396507", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-611392", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-611391", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-1503319", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_model_management_and_governance", "product": { "name": "financial_services_model_management_and_governance", "product_id": "CSAFPID-1503318", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_profitability_management", "product": { "name": "financial_services_profitability_management", "product_id": "CSAFPID-363139", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting_with_agilereporter", "product": { "name": "financial_services_regulatory_reporting_with_agilereporter", "product_id": "CSAFPID-611433", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.1.1.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting", "product": { "name": "financial_services_regulatory_reporting", "product_id": "CSAFPID-570314", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.0.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting", "product": { "name": "financial_services_regulatory_reporting", "product_id": "CSAFPID-570313", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.1.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting", "product": { "name": "financial_services_regulatory_reporting", "product_id": "CSAFPID-570312", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_regulatory_reporting", "product": { "name": "financial_services_regulatory_reporting", "product_id": "CSAFPID-570311", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_retail_performance_analytics", "product": { "name": "financial_services_retail_performance_analytics", "product_id": "CSAFPID-363137", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_revenue_management_and_billing", "product": { "name": "financial_services_revenue_management_and_billing", "product_id": "CSAFPID-765266", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_revenue_management_and_billing", "product": { "name": "financial_services_revenue_management_and_billing", "product_id": "CSAFPID-219833", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_revenue_management_and_billing", "product": { "name": "financial_services_revenue_management_and_billing", "product_id": "CSAFPID-344846", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "financial_services_revenue_management_and_billing", "product": { "name": "financial_services_revenue_management_and_billing", "product_id": "CSAFPID-912589", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-31160", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-9390", "CSAFPID-204520", "CSAFPID-94302", "CSAFPID-94301", "CSAFPID-94300", "CSAFPID-94299", "CSAFPID-94296", "CSAFPID-94294", "CSAFPID-764256", "CSAFPID-764257", "CSAFPID-764258", "CSAFPID-764259", "CSAFPID-764260", "CSAFPID-611428", "CSAFPID-387666", "CSAFPID-9569", "CSAFPID-9611", "CSAFPID-9198", "CSAFPID-94298", "CSAFPID-94297", "CSAFPID-94293", "CSAFPID-764261", "CSAFPID-764262", "CSAFPID-611718", "CSAFPID-764263", "CSAFPID-387665", "CSAFPID-764264", "CSAFPID-9430", "CSAFPID-764265", "CSAFPID-631680", "CSAFPID-764266", "CSAFPID-764267", "CSAFPID-764273", "CSAFPID-611392", "CSAFPID-611391", "CSAFPID-221114", "CSAFPID-221111", "CSAFPID-221109", "CSAFPID-221107", "CSAFPID-221106", "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-220172", "CSAFPID-220168", "CSAFPID-220170", "CSAFPID-221113", "CSAFPID-221112", "CSAFPID-221110", "CSAFPID-221108", "CSAFPID-221105", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-220156", "CSAFPID-764747", "CSAFPID-220154", "CSAFPID-764748", "CSAFPID-220152", "CSAFPID-220151", "CSAFPID-224806", "CSAFPID-220173", "CSAFPID-258398", "CSAFPID-220171", "CSAFPID-220169", "CSAFPID-220157", "CSAFPID-220155", "CSAFPID-220153", "CSAFPID-220150", "CSAFPID-764749", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-8848", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-219772", "CSAFPID-219770", "CSAFPID-345047", "CSAFPID-219774", "CSAFPID-180190", "CSAFPID-219773", "CSAFPID-219771", "CSAFPID-189064", "CSAFPID-189063", "CSAFPID-363146", "CSAFPID-363129", "CSAFPID-363142", "CSAFPID-363130", "CSAFPID-363135", "CSAFPID-345041", "CSAFPID-391382", "CSAFPID-493291", "CSAFPID-493290", "CSAFPID-493289", "CSAFPID-493288", "CSAFPID-363128", "CSAFPID-363127", "CSAFPID-363144", "CSAFPID-363131", "CSAFPID-363126", "CSAFPID-363143", "CSAFPID-363133", "CSAFPID-345040", "CSAFPID-363141", "CSAFPID-363138", "CSAFPID-363136", "CSAFPID-363145", "CSAFPID-363132", "CSAFPID-363140", "CSAFPID-363134", "CSAFPID-396508", "CSAFPID-396507", "CSAFPID-363139", "CSAFPID-570314", "CSAFPID-570313", "CSAFPID-570312", "CSAFPID-94303", "CSAFPID-9129", "CSAFPID-94387", "CSAFPID-220552", "CSAFPID-220160", "CSAFPID-94386", "CSAFPID-344967", "CSAFPID-220194", "CSAFPID-94389", "CSAFPID-220553", "CSAFPID-220195", "CSAFPID-180211", "CSAFPID-201568", "CSAFPID-201569", "CSAFPID-345045", "CSAFPID-345044", "CSAFPID-345043", "CSAFPID-345042", "CSAFPID-93309", "CSAFPID-93305", "CSAFPID-570311", "CSAFPID-611433", "CSAFPID-363137", "CSAFPID-219833", "CSAFPID-344846", "CSAFPID-816813", "CSAFPID-816814", "CSAFPID-816815", "CSAFPID-816816", "CSAFPID-816817", "CSAFPID-816818", "CSAFPID-816819", "CSAFPID-816820", "CSAFPID-816821", "CSAFPID-816822", "CSAFPID-816823", "CSAFPID-816824", "CSAFPID-816825", "CSAFPID-9522", "CSAFPID-816828", "CSAFPID-816829", "CSAFPID-816830", "CSAFPID-816831", "CSAFPID-765266", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-912568", "CSAFPID-912088", "CSAFPID-912569", "CSAFPID-912087", "CSAFPID-912570", "CSAFPID-912086", "CSAFPID-912571", "CSAFPID-912091", "CSAFPID-912572", "CSAFPID-912090", "CSAFPID-912573", "CSAFPID-912089", "CSAFPID-912574", "CSAFPID-912575", "CSAFPID-912576", "CSAFPID-912577", "CSAFPID-912094", "CSAFPID-912578", "CSAFPID-912093", "CSAFPID-912579", "CSAFPID-912092", "CSAFPID-912580", "CSAFPID-912581", "CSAFPID-912582", "CSAFPID-912064", "CSAFPID-912583", "CSAFPID-912063", "CSAFPID-912584", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-912585", "CSAFPID-912096", "CSAFPID-912586", "CSAFPID-912099", "CSAFPID-912587", "CSAFPID-912098", "CSAFPID-912588", "CSAFPID-912097", "CSAFPID-912589", "CSAFPID-1503320", "CSAFPID-1503613", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-1503621", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2022-31160", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-31160.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-9390", "CSAFPID-204520", "CSAFPID-94302", "CSAFPID-94301", "CSAFPID-94300", "CSAFPID-94299", "CSAFPID-94296", "CSAFPID-94294", "CSAFPID-764256", "CSAFPID-764257", "CSAFPID-764258", "CSAFPID-764259", "CSAFPID-764260", "CSAFPID-611428", "CSAFPID-387666", "CSAFPID-9569", "CSAFPID-9611", "CSAFPID-9198", "CSAFPID-94298", "CSAFPID-94297", "CSAFPID-94293", "CSAFPID-764261", "CSAFPID-764262", "CSAFPID-611718", "CSAFPID-764263", "CSAFPID-387665", "CSAFPID-764264", "CSAFPID-9430", "CSAFPID-764265", "CSAFPID-631680", "CSAFPID-764266", "CSAFPID-764267", "CSAFPID-764273", "CSAFPID-611392", "CSAFPID-611391", "CSAFPID-221114", "CSAFPID-221111", "CSAFPID-221109", "CSAFPID-221107", "CSAFPID-221106", "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-220172", "CSAFPID-220168", "CSAFPID-220170", "CSAFPID-221113", "CSAFPID-221112", "CSAFPID-221110", "CSAFPID-221108", "CSAFPID-221105", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-220156", "CSAFPID-764747", "CSAFPID-220154", "CSAFPID-764748", "CSAFPID-220152", "CSAFPID-220151", "CSAFPID-224806", "CSAFPID-220173", "CSAFPID-258398", "CSAFPID-220171", "CSAFPID-220169", "CSAFPID-220157", "CSAFPID-220155", "CSAFPID-220153", "CSAFPID-220150", "CSAFPID-764749", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-8848", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-219772", "CSAFPID-219770", "CSAFPID-345047", "CSAFPID-219774", "CSAFPID-180190", "CSAFPID-219773", "CSAFPID-219771", "CSAFPID-189064", "CSAFPID-189063", "CSAFPID-363146", "CSAFPID-363129", "CSAFPID-363142", "CSAFPID-363130", "CSAFPID-363135", "CSAFPID-345041", "CSAFPID-391382", "CSAFPID-493291", "CSAFPID-493290", "CSAFPID-493289", "CSAFPID-493288", "CSAFPID-363128", "CSAFPID-363127", "CSAFPID-363144", "CSAFPID-363131", "CSAFPID-363126", "CSAFPID-363143", "CSAFPID-363133", "CSAFPID-345040", "CSAFPID-363141", "CSAFPID-363138", "CSAFPID-363136", "CSAFPID-363145", "CSAFPID-363132", "CSAFPID-363140", "CSAFPID-363134", "CSAFPID-396508", "CSAFPID-396507", "CSAFPID-363139", "CSAFPID-570314", "CSAFPID-570313", "CSAFPID-570312", "CSAFPID-94303", "CSAFPID-9129", "CSAFPID-94387", "CSAFPID-220552", "CSAFPID-220160", "CSAFPID-94386", "CSAFPID-344967", "CSAFPID-220194", "CSAFPID-94389", "CSAFPID-220553", "CSAFPID-220195", "CSAFPID-180211", "CSAFPID-201568", "CSAFPID-201569", "CSAFPID-345045", "CSAFPID-345044", "CSAFPID-345043", "CSAFPID-345042", "CSAFPID-93309", "CSAFPID-93305", "CSAFPID-570311", "CSAFPID-611433", "CSAFPID-363137", "CSAFPID-219833", "CSAFPID-344846", "CSAFPID-816813", "CSAFPID-816814", "CSAFPID-816815", "CSAFPID-816816", "CSAFPID-816817", "CSAFPID-816818", "CSAFPID-816819", "CSAFPID-816820", "CSAFPID-816821", "CSAFPID-816822", "CSAFPID-816823", "CSAFPID-816824", "CSAFPID-816825", "CSAFPID-9522", "CSAFPID-816828", "CSAFPID-816829", "CSAFPID-816830", "CSAFPID-816831", "CSAFPID-765266", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-912568", "CSAFPID-912088", "CSAFPID-912569", "CSAFPID-912087", "CSAFPID-912570", "CSAFPID-912086", "CSAFPID-912571", "CSAFPID-912091", "CSAFPID-912572", "CSAFPID-912090", "CSAFPID-912573", "CSAFPID-912089", "CSAFPID-912574", "CSAFPID-912575", "CSAFPID-912576", "CSAFPID-912577", "CSAFPID-912094", "CSAFPID-912578", "CSAFPID-912093", "CSAFPID-912579", "CSAFPID-912092", "CSAFPID-912580", "CSAFPID-912581", "CSAFPID-912582", "CSAFPID-912064", "CSAFPID-912583", "CSAFPID-912063", "CSAFPID-912584", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-912585", "CSAFPID-912096", "CSAFPID-912586", "CSAFPID-912099", "CSAFPID-912587", "CSAFPID-912098", "CSAFPID-912588", "CSAFPID-912097", "CSAFPID-912589", "CSAFPID-1503320", "CSAFPID-1503613", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-1503621", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2022-31160" }, { "cve": "CVE-2023-34055", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-221109", "CSAFPID-221107", "CSAFPID-221106", "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-221110", "CSAFPID-221108", "CSAFPID-221105", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-8848", "CSAFPID-9300", "CSAFPID-9522", "CSAFPID-9711", "CSAFPID-93307", "CSAFPID-180190", "CSAFPID-189065", "CSAFPID-189066", "CSAFPID-189067", "CSAFPID-219770", "CSAFPID-219771", "CSAFPID-219774", "CSAFPID-344846", "CSAFPID-764256", "CSAFPID-764257", "CSAFPID-764259", "CSAFPID-764260", "CSAFPID-764261", "CSAFPID-764262", "CSAFPID-764263", "CSAFPID-764265", "CSAFPID-764266", "CSAFPID-764267", "CSAFPID-765266", "CSAFPID-816813", "CSAFPID-816814", "CSAFPID-816815", "CSAFPID-816816", "CSAFPID-816817", "CSAFPID-816818", "CSAFPID-816819", "CSAFPID-816820", "CSAFPID-816821", "CSAFPID-816822", "CSAFPID-816823", "CSAFPID-816824", "CSAFPID-816825", "CSAFPID-816828", "CSAFPID-816829", "CSAFPID-816830", "CSAFPID-816831", "CSAFPID-912062", "CSAFPID-912093", "CSAFPID-912094", "CSAFPID-912095", "CSAFPID-912096", "CSAFPID-912097", "CSAFPID-912098", "CSAFPID-912099", "CSAFPID-912568", "CSAFPID-912569", "CSAFPID-912570", "CSAFPID-912571", "CSAFPID-912572", "CSAFPID-912573", "CSAFPID-912574", "CSAFPID-912575", "CSAFPID-912576", "CSAFPID-912577", "CSAFPID-912578", "CSAFPID-912579", "CSAFPID-912580", "CSAFPID-912581", "CSAFPID-912582", "CSAFPID-912583", "CSAFPID-912584", "CSAFPID-912585", "CSAFPID-912586", "CSAFPID-912587", "CSAFPID-912588", "CSAFPID-912589", "CSAFPID-1503320", "CSAFPID-1503613", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-1503621", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2023-34055", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34055.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-221109", "CSAFPID-221107", "CSAFPID-221106", "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-221110", "CSAFPID-221108", "CSAFPID-221105", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-8848", "CSAFPID-9300", "CSAFPID-9522", "CSAFPID-9711", "CSAFPID-93307", "CSAFPID-180190", "CSAFPID-189065", "CSAFPID-189066", "CSAFPID-189067", "CSAFPID-219770", "CSAFPID-219771", "CSAFPID-219774", "CSAFPID-344846", "CSAFPID-764256", "CSAFPID-764257", "CSAFPID-764259", "CSAFPID-764260", "CSAFPID-764261", "CSAFPID-764262", "CSAFPID-764263", "CSAFPID-764265", "CSAFPID-764266", "CSAFPID-764267", "CSAFPID-765266", "CSAFPID-816813", "CSAFPID-816814", "CSAFPID-816815", "CSAFPID-816816", "CSAFPID-816817", "CSAFPID-816818", "CSAFPID-816819", "CSAFPID-816820", "CSAFPID-816821", "CSAFPID-816822", "CSAFPID-816823", "CSAFPID-816824", "CSAFPID-816825", "CSAFPID-816828", "CSAFPID-816829", "CSAFPID-816830", "CSAFPID-816831", "CSAFPID-912062", "CSAFPID-912093", "CSAFPID-912094", "CSAFPID-912095", "CSAFPID-912096", "CSAFPID-912097", "CSAFPID-912098", "CSAFPID-912099", "CSAFPID-912568", "CSAFPID-912569", "CSAFPID-912570", "CSAFPID-912571", "CSAFPID-912572", "CSAFPID-912573", "CSAFPID-912574", "CSAFPID-912575", "CSAFPID-912576", "CSAFPID-912577", "CSAFPID-912578", "CSAFPID-912579", "CSAFPID-912580", "CSAFPID-912581", "CSAFPID-912582", "CSAFPID-912583", "CSAFPID-912584", "CSAFPID-912585", "CSAFPID-912586", "CSAFPID-912587", "CSAFPID-912588", "CSAFPID-912589", "CSAFPID-1503320", "CSAFPID-1503613", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-1503621", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2023-34055" }, { "cve": "CVE-2023-37920", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "other", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "other", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" } ], "product_status": { "known_affected": [ "CSAFPID-1673398", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2023-37920", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673398", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2023-37920" }, { "cve": "CVE-2023-50447", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "other", "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)", "title": "CWE-94" }, { "category": "other", "text": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)", "title": "CWE-95" } ], "product_status": { "known_affected": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2023-50447", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50447.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2023-50447" }, { "cve": "CVE-2024-0232", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1673398", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-0232", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json" } ], "title": "CVE-2024-0232" }, { "cve": "CVE-2024-2511", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" } ], "product_status": { "known_affected": [ "CSAFPID-1673482", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2511", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673482", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2024-2511" }, { "cve": "CVE-2024-5535", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "product_status": { "known_affected": [ "CSAFPID-1673520", "CSAFPID-1673521", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5535", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673520", "CSAFPID-1673521", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-5535" }, { "cve": "CVE-2024-21281", "product_status": { "known_affected": [ "CSAFPID-1673189", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21281", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21281.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673189", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-21281" }, { "cve": "CVE-2024-21284", "product_status": { "known_affected": [ "CSAFPID-1673190", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21284", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21284.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673190", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-21284" }, { "cve": "CVE-2024-21285", "product_status": { "known_affected": [ "CSAFPID-1673190", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21285", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21285.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673190", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-21285" }, { "cve": "CVE-2024-22262", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "notes": [ { "category": "other", "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)", "title": "CWE-601" } ], "product_status": { "known_affected": [ "CSAFPID-221102", "CSAFPID-221103", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22262", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-221102", "CSAFPID-221103", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2024-22262" }, { "cve": "CVE-2024-29025", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-221107", "CSAFPID-221103", "CSAFPID-221106", "CSAFPID-221102", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29025", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-221107", "CSAFPID-221103", "CSAFPID-221106", "CSAFPID-221102", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2024-29025" }, { "cve": "CVE-2024-32007", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673498", "CSAFPID-1673499", "CSAFPID-1673500", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-32007", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32007.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673498", "CSAFPID-1673499", "CSAFPID-1673500", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-32007" }, { "cve": "CVE-2024-32114", "cwe": { "id": "CWE-306", "name": "Missing Authentication for Critical Function" }, "notes": [ { "category": "other", "text": "Missing Authentication for Critical Function", "title": "CWE-306" }, { "category": "other", "text": "Initialization of a Resource with an Insecure Default", "title": "CWE-1188" } ], "product_status": { "known_affected": [ "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] }, "references": [ { "category": "self", "summary": "CVE-2024-32114", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32114.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-221103", "CSAFPID-221102", "CSAFPID-221104", "CSAFPID-221101", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669", "CSAFPID-1503320", "CSAFPID-912088", "CSAFPID-912087", "CSAFPID-912086", "CSAFPID-1503613", "CSAFPID-912091", "CSAFPID-912090", "CSAFPID-912089", "CSAFPID-1503614", "CSAFPID-1503615", "CSAFPID-1503616", "CSAFPID-1503617", "CSAFPID-1503618", "CSAFPID-1503619", "CSAFPID-1503620", "CSAFPID-912574", "CSAFPID-912094", "CSAFPID-912093", "CSAFPID-912092", "CSAFPID-912064", "CSAFPID-912063", "CSAFPID-912062", "CSAFPID-912095", "CSAFPID-1503621", "CSAFPID-912099", "CSAFPID-912098", "CSAFPID-912097", "CSAFPID-9711", "CSAFPID-9300", "CSAFPID-189066", "CSAFPID-189065", "CSAFPID-1503626", "CSAFPID-1503627", "CSAFPID-1503628", "CSAFPID-1503629", "CSAFPID-189067", "CSAFPID-93307", "CSAFPID-816828", "CSAFPID-1503630", "CSAFPID-1503631", "CSAFPID-1503632", "CSAFPID-1503633", "CSAFPID-1503634", "CSAFPID-1503635", "CSAFPID-1503636", "CSAFPID-1503319", "CSAFPID-1503318" ] } ], "title": "CVE-2024-32114" }, { "cve": "CVE-2024-43407", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-221102", "CSAFPID-221108", "CSAFPID-221107", "CSAFPID-221104", "CSAFPID-221103", "CSAFPID-221105", "CSAFPID-221101", "CSAFPID-221106", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43407", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43407.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-221102", "CSAFPID-221108", "CSAFPID-221107", "CSAFPID-221104", "CSAFPID-221103", "CSAFPID-221105", "CSAFPID-221101", "CSAFPID-221106", "CSAFPID-1674653", "CSAFPID-1674654", "CSAFPID-1674655", "CSAFPID-1674656", "CSAFPID-1674657", "CSAFPID-1674658", "CSAFPID-1674659", "CSAFPID-1674660", "CSAFPID-1674661", "CSAFPID-1674662", "CSAFPID-1674663", "CSAFPID-1674664", "CSAFPID-1674665", "CSAFPID-1674666", "CSAFPID-1674667", "CSAFPID-1674668", "CSAFPID-1674669" ] } ], "title": "CVE-2024-43407" } ] }
ncsc-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" }, { "category": "general", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "general", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" }, { "category": "general", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" }, { "category": "general", "text": "Improper Handling of Exceptional Conditions", "title": "CWE-755" }, { "category": "general", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "general", "text": "Inefficient Algorithmic Complexity", "title": "CWE-407" }, { "category": "general", "text": "Improper Handling of Case Sensitivity", "title": "CWE-178" }, { "category": "general", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" }, { "category": "general", "text": "Double Free", "title": "CWE-415" }, { "category": "general", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "general", "text": "Uncontrolled Search Path Element", "title": "CWE-427" }, { "category": "general", "text": "Encoding Error", "title": "CWE-172" }, { "category": "general", "text": "Integer Overflow to Buffer Overflow", "title": "CWE-680" }, { "category": "general", "text": "Untrusted Search Path", "title": "CWE-426" }, { "category": "general", "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "title": "CWE-843" }, { "category": "general", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" }, { "category": "general", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "general", "text": "Observable Discrepancy", "title": "CWE-203" }, { "category": "general", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "general", "text": "Files or Directories Accessible to External Parties", "title": "CWE-552" }, { "category": "general", "text": "Authorization Bypass Through User-Controlled Key", "title": "CWE-639" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "CWE-275", "title": "CWE-275" }, { "category": "general", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "general", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "general", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" }, { "category": "general", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "Missing Release of Memory after Effective Lifetime", "title": "CWE-401" }, { "category": "general", "text": "NULL Pointer Dereference", "title": "CWE-476" }, { "category": "general", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "general", "text": "Exposure of Resource to Wrong Sphere", "title": "CWE-668" }, { "category": "general", "text": "Inclusion of Functionality from Untrusted Control Sphere", "title": "CWE-829" }, { "category": "general", "text": "Use of a Broken or Risky Cryptographic Algorithm", "title": "CWE-327" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "general", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" }, { "category": "general", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "general", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "general", "text": "Incorrect Conversion between Numeric Types", "title": "CWE-681" }, { "category": "general", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" }, { "category": "general", "text": "Improper Privilege Management", "title": "CWE-269" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Neutralization of Alternate XSS Syntax", "title": "CWE-87" }, { "category": "general", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" }, { "category": "general", "text": "CWE-18", "title": "CWE-18" }, { "category": "general", "text": "Covert Timing Channel", "title": "CWE-385" }, { "category": "general", "text": "Unchecked Input for Loop Condition", "title": "CWE-606" }, { "category": "general", "text": "Integer Coercion Error", "title": "CWE-192" }, { "category": "general", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "general", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" }, { "category": "general", "text": "Truncation of Security-relevant Information", "title": "CWE-222" }, { "category": "general", "text": "Incorrect Calculation of Buffer Size", "title": "CWE-131" }, { "category": "general", "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "title": "CWE-59" }, { "category": "general", "text": "Missing Critical Step in Authentication", "title": "CWE-304" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", "url": "https://www.oracle.com/security-alerts/cpuoct2024.html" } ], "title": "Kwetsbaarheden verholpen in Oracle Database producten", "tracking": { "current_release_date": "2024-10-17T13:15:19.595269Z", "id": "NCSC-2024-0411", "initial_release_date": "2024-10-17T13:15:19.595269Z", "revision_history": [ { "date": "2024-10-17T13:15:19.595269Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "database_-_grid", "product": { "name": "database_-_grid", "product_id": "CSAFPID-1673504", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_grid", "product": { "name": "database_-_grid", "product_id": "CSAFPID-1673506", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673386", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673385", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673442", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673507", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673509", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673508", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph_mapviewer", "product": { "name": "spatial_and_graph_mapviewer", "product_id": "CSAFPID-912561", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-764250", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673511", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673512", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-816800", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673529", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "fleet_patching_and_provisioning_-_micronaut", "product": { "name": "fleet_patching_and_provisioning_-_micronaut", "product_id": "CSAFPID-1673492", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "fleet_patching_and_provisioning", "product": { "name": "fleet_patching_and_provisioning", "product_id": "CSAFPID-1503603", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673445", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673443", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673444", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673451", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673450", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673452", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-816798", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-816799", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-1673525", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912046", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503299", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816855", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816361", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912045", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503302", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912044", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503306", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816852", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912600", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816853", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912601", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816854", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sqlcl", "product": { "name": "sqlcl", "product_id": "CSAFPID-816801", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sqlcl", "product": { "name": "sqlcl", "product_id": "CSAFPID-1673405", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_administration", "product": { "name": "application_express_administration", "product_id": "CSAFPID-764731", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_customers_plugin", "product": { "name": "application_express_customers_plugin", "product_id": "CSAFPID-764732", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_team_calendar_plugin", "product": { "name": "application_express_team_calendar_plugin", "product_id": "CSAFPID-764733", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-266119", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1673510", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1503575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1673188", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-765238", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-765239", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "blockchain_platform", "product": { "name": "blockchain_platform", "product_id": "CSAFPID-764779", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "blockchain_platform", "product": { "name": "blockchain_platform", "product_id": "CSAFPID-89587", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-765259", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-187448", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-94075", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-220886", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-611394", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-816317", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-912567", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-1503612", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-1673479", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_essbase", "product": { "name": "oracle_essbase", "product_id": "CSAFPID-1650506", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-816845", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1650825", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1673404", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1650831", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data", "product": { "name": "goldengate_big_data", "product_id": "CSAFPID-764274", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-764752", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-1673384", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-220192", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-220193", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-816846", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-611390", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-764803", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_veridata", "product": { "name": "goldengate_veridata", "product_id": "CSAFPID-764275", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-342816", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1650767", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-485902", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503736", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-219912", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503739", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1650765", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503738", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate_stream_analytics", "product": { "name": "oracle_goldengate_stream_analytics", "product_id": "CSAFPID-1650515", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "management_pack_for__goldengate", "product": { "name": "management_pack_for__goldengate", "product_id": "CSAFPID-764861", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "management_pack_for__goldengate", "product": { "name": "management_pack_for__goldengate", "product_id": "CSAFPID-1503640", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate_studio", "product": { "name": "oracle_goldengate_studio", "product_id": "CSAFPID-1650835", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate", "product": { "name": "oracle_goldengate", "product_id": "CSAFPID-1650575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764813", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1503661", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1503663", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673497", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764764", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764765", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673491", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764766", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673495", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764767", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673493", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673489", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673488", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650757", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650758", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650761", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650760", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650759", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_nosql_database", "product": { "name": "oracle_nosql_database", "product_id": "CSAFPID-1650584", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_secure_backup", "product": { "name": "oracle_secure_backup", "product_id": "CSAFPID-1650563", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-667692", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-345049", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-611417", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-1673422", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_sql_developer", "product": { "name": "oracle_sql_developer", "product_id": "CSAFPID-1650638", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-764822", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-220643", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-816870", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-816871", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-1673397", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle" }, { "branches": [ { "category": "product_name", "name": "oracle_application_express", "product": { "name": "oracle_application_express", "product_id": "CSAFPID-1673144", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle_corporation" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-1471", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-220886", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764822", "CSAFPID-1650515", "CSAFPID-1650638", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-89587", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044" ] }, "references": [ { "category": "self", "summary": "CVE-2022-1471", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json" } ], "title": "CVE-2022-1471" }, { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "notes": [ { "category": "other", "text": "Integer Coercion Error", "title": "CWE-192" }, { "category": "other", "text": "Incorrect Conversion between Numeric Types", "title": "CWE-681" } ], "product_status": { "known_affected": [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2022-34169", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2022-34169" }, { "cve": "CVE-2022-36033", "cwe": { "id": "CWE-87", "name": "Improper Neutralization of Alternate XSS Syntax" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Alternate XSS Syntax", "title": "CWE-87" }, { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2022-36033", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2022-36033" }, { "cve": "CVE-2022-37454", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Integer Overflow to Buffer Overflow", "title": "CWE-680" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861" ] }, "references": [ { "category": "self", "summary": "CVE-2022-37454", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861" ] } ], "title": "CVE-2022-37454" }, { "cve": "CVE-2022-38136", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-38136", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json" } ], "title": "CVE-2022-38136" }, { "cve": "CVE-2022-40196", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-40196", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json" } ], "title": "CVE-2022-40196" }, { "cve": "CVE-2022-41342", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-41342", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json" } ], "title": "CVE-2022-41342" }, { "cve": "CVE-2022-42919", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "other", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "other", "text": "Improper Privilege Management", "title": "CWE-269" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2022-42919", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json" } ], "title": "CVE-2022-42919" }, { "cve": "CVE-2022-45061", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Inefficient Algorithmic Complexity", "title": "CWE-407" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2022-45061", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] } ], "title": "CVE-2022-45061" }, { "cve": "CVE-2022-46337", "product_status": { "known_affected": [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692" ] }, "references": [ { "category": "self", "summary": "CVE-2022-46337", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692" ] } ], "title": "CVE-2022-46337" }, { "cve": "CVE-2023-2976", "cwe": { "id": "CWE-552", "name": "Files or Directories Accessible to External Parties" }, "notes": [ { "category": "other", "text": "Files or Directories Accessible to External Parties", "title": "CWE-552" } ], "product_status": { "known_affected": [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-2976", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-2976" }, { "cve": "CVE-2023-4043", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "notes": [ { "category": "other", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4043", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-4043" }, { "cve": "CVE-2023-4759", "cwe": { "id": "CWE-59", "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)" }, "notes": [ { "category": "other", "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "title": "CWE-59" }, { "category": "other", "text": "Improper Handling of Case Sensitivity", "title": "CWE-178" } ], "product_status": { "known_affected": [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4759", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-4759" }, { "cve": "CVE-2023-4863", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4863", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json" } ], "title": "CVE-2023-4863" }, { "cve": "CVE-2023-5072", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-5072", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-5072" }, { "cve": "CVE-2023-26031", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "notes": [ { "category": "other", "text": "Untrusted Search Path", "title": "CWE-426" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26031", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-26031" }, { "cve": "CVE-2023-26551", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26551", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json" } ], "scores": [ { "cvss_v3": { "baseScore": 0.0, "baseSeverity": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26551" }, { "cve": "CVE-2023-26552", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26552", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26552" }, { "cve": "CVE-2023-26553", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26553", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26553" }, { "cve": "CVE-2023-26554", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26554", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26554" }, { "cve": "CVE-2023-26555", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26555", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26555" }, { "cve": "CVE-2023-28484", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-28484", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-28484" }, { "cve": "CVE-2023-29469", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Double Free", "title": "CWE-415" } ], "product_status": { "known_affected": [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-29469", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-29469" }, { "cve": "CVE-2023-33201", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-33201", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-33201" }, { "cve": "CVE-2023-37920", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "other", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "other", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612" ] }, "references": [ { "category": "self", "summary": "CVE-2023-37920", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612" ] } ], "title": "CVE-2023-37920" }, { "cve": "CVE-2023-39410", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-39410", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-39410" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-44487", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-44981", "cwe": { "id": "CWE-639", "name": "Authorization Bypass Through User-Controlled Key" }, "notes": [ { "category": "other", "text": "Authorization Bypass Through User-Controlled Key", "title": "CWE-639" } ], "product_status": { "known_affected": [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601" ] }, "references": [ { "category": "self", "summary": "CVE-2023-44981", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601" ] } ], "title": "CVE-2023-44981" }, { "cve": "CVE-2023-45288", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-45288", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-45288" }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "other", "text": "Truncation of Security-relevant Information", "title": "CWE-222" } ], "product_status": { "known_affected": [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-48795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2023-49083", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-49083", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-49083" }, { "cve": "CVE-2023-51384", "cwe": { "id": "CWE-304", "name": "Missing Critical Step in Authentication" }, "notes": [ { "category": "other", "text": "Missing Critical Step in Authentication", "title": "CWE-304" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-51384", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-51385", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-51385" }, { "cve": "CVE-2023-52425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-52425", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-52425" }, { "cve": "CVE-2023-52426", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-52426", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-52426" }, { "cve": "CVE-2024-1874", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-1874", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-1874" }, { "cve": "CVE-2024-2408", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "other", "text": "Observable Discrepancy", "title": "CWE-203" }, { "category": "other", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "other", "text": "Use of a Broken or Risky Cryptographic Algorithm", "title": "CWE-327" }, { "category": "other", "text": "Covert Timing Channel", "title": "CWE-385" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2408", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-2408" }, { "cve": "CVE-2024-2511", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2511", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-2511" }, { "cve": "CVE-2024-4577", "cwe": { "id": "CWE-88", "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" }, { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4577", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-4577" }, { "cve": "CVE-2024-4603", "cwe": { "id": "CWE-606", "name": "Unchecked Input for Loop Condition" }, "notes": [ { "category": "other", "text": "Unchecked Input for Loop Condition", "title": "CWE-606" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4603", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-4603" }, { "cve": "CVE-2024-4741", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4741", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-4741" }, { "cve": "CVE-2024-5458", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5458", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-5458" }, { "cve": "CVE-2024-5535", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "product_status": { "known_affected": [ "CSAFPID-1673508", "CSAFPID-1673525" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5535", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673508", "CSAFPID-1673525" ] } ], "title": "CVE-2024-5535" }, { "cve": "CVE-2024-5585", "cwe": { "id": "CWE-116", "name": "Improper Encoding or Escaping of Output" }, "notes": [ { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" }, { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" }, { "category": "other", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5585", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-5585" }, { "cve": "CVE-2024-6119", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "other", "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "title": "CWE-843" } ], "product_status": { "known_affected": [ "CSAFPID-1673508", "CSAFPID-1673525" ] }, "references": [ { "category": "self", "summary": "CVE-2024-6119", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673508", "CSAFPID-1673525" ] } ], "title": "CVE-2024-6119" }, { "cve": "CVE-2024-6232", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "other", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" } ], "references": [ { "category": "self", "summary": "CVE-2024-6232", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json" } ], "title": "CVE-2024-6232" }, { "cve": "CVE-2024-7264", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512" ] }, "references": [ { "category": "self", "summary": "CVE-2024-7264", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512" ] } ], "title": "CVE-2024-7264" }, { "cve": "CVE-2024-7592", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2024-7592", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json" } ], "title": "CVE-2024-7592" }, { "cve": "CVE-2024-21131", "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json" } ], "title": "CVE-2024-21131" }, { "cve": "CVE-2024-21138", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" } ], "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21138", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json" } ], "title": "CVE-2024-21138" }, { "cve": "CVE-2024-21140", "product_status": { "known_affected": [ "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21140", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json" } ], "title": "CVE-2024-21140" }, { "cve": "CVE-2024-21144", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21144", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json" } ], "title": "CVE-2024-21144" }, { "cve": "CVE-2024-21145", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21145", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json" } ], "title": "CVE-2024-21145" }, { "cve": "CVE-2024-21147", "product_status": { "known_affected": [ "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21147", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json" } ], "title": "CVE-2024-21147" }, { "cve": "CVE-2024-21233", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21233", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-21233" }, { "cve": "CVE-2024-21242", "product_status": { "known_affected": [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21242", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445" ] } ], "title": "CVE-2024-21242" }, { "cve": "CVE-2024-21251", "product_status": { "known_affected": [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21251", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452" ] } ], "title": "CVE-2024-21251" }, { "cve": "CVE-2024-21261", "product_status": { "known_affected": [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21261", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-21261" }, { "cve": "CVE-2024-22018", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22018", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-22018" }, { "cve": "CVE-2024-22020", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22020", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-22020" }, { "cve": "CVE-2024-22201", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22201", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-22201" }, { "cve": "CVE-2024-23807", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-23807", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-23807" }, { "cve": "CVE-2024-23944", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-23944", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-23944" }, { "cve": "CVE-2024-24989", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-24989", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json" } ], "title": "CVE-2024-24989" }, { "cve": "CVE-2024-24990", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-24990", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-24990" }, { "cve": "CVE-2024-25710", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-25710", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-25710" }, { "cve": "CVE-2024-26130", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26130", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-26130" }, { "cve": "CVE-2024-26308", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26308", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-26308" }, { "cve": "CVE-2024-27983", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27983", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-27983" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28182", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-28849", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28849", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-28849" }, { "cve": "CVE-2024-28887", "cwe": { "id": "CWE-427", "name": "Uncontrolled Search Path Element" }, "notes": [ { "category": "other", "text": "Uncontrolled Search Path Element", "title": "CWE-427" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28887", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-28887" }, { "cve": "CVE-2024-29025", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29025", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29025" }, { "cve": "CVE-2024-29131", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29131" }, { "cve": "CVE-2024-29133", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29133", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29133" }, { "cve": "CVE-2024-31079", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Stack-based Buffer Overflow", "title": "CWE-121" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-31079", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-31079" }, { "cve": "CVE-2024-32760", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-32760", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-32760" }, { "cve": "CVE-2024-34161", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "other", "text": "Missing Release of Memory after Effective Lifetime", "title": "CWE-401" }, { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-34161", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-34161" }, { "cve": "CVE-2024-34750", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "other", "text": "Improper Handling of Exceptional Conditions", "title": "CWE-755" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673504", "CSAFPID-1673506" ] }, "references": [ { "category": "self", "summary": "CVE-2024-34750", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673504", "CSAFPID-1673506" ] } ], "title": "CVE-2024-34750" }, { "cve": "CVE-2024-35200", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-35200", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-35200" }, { "cve": "CVE-2024-36137", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" }, { "category": "other", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36137", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-36137" }, { "cve": "CVE-2024-36138", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36138", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json" } ], "title": "CVE-2024-36138" }, { "cve": "CVE-2024-36387", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36387", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-36387" }, { "cve": "CVE-2024-37370", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "notes": [ { "category": "other", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" } ], "product_status": { "known_affected": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37370", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] } ], "title": "CVE-2024-37370" }, { "cve": "CVE-2024-37371", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "notes": [ { "category": "other", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" } ], "product_status": { "known_affected": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37371", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] } ], "title": "CVE-2024-37371" }, { "cve": "CVE-2024-37372", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37372", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-37372" }, { "cve": "CVE-2024-38356", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38356", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38356" }, { "cve": "CVE-2024-38357", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38357", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673510", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38357" }, { "cve": "CVE-2024-38472", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "other", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38472", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38472" }, { "cve": "CVE-2024-38473", "cwe": { "id": "CWE-172", "name": "Encoding Error" }, "notes": [ { "category": "other", "text": "Encoding Error", "title": "CWE-172" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38473", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38473" }, { "cve": "CVE-2024-38474", "cwe": { "id": "CWE-172", "name": "Encoding Error" }, "notes": [ { "category": "other", "text": "Encoding Error", "title": "CWE-172" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38474", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38474" }, { "cve": "CVE-2024-38475", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38475", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38475" }, { "cve": "CVE-2024-38476", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Inclusion of Functionality from Untrusted Control Sphere", "title": "CWE-829" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38476", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38476" }, { "cve": "CVE-2024-38477", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38477", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-38477" }, { "cve": "CVE-2024-38998", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "notes": [ { "category": "other", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" } ], "product_status": { "known_affected": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38998", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38998" }, { "cve": "CVE-2024-38999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "notes": [ { "category": "other", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" } ], "product_status": { "known_affected": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38999", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json" } ], "scores": [ { "cvss_v3": { "baseScore": 10.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673511", "CSAFPID-1673512", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-38999" }, { "cve": "CVE-2024-39573", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "other", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-39573", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-39573" }, { "cve": "CVE-2024-39884", "cwe": { "id": "CWE-18", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-18", "title": "CWE-18" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-39884", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-39884" }, { "cve": "CVE-2024-40725", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Exposure of Resource to Wrong Sphere", "title": "CWE-668" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40725", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] } ], "title": "CVE-2024-40725" }, { "cve": "CVE-2024-40898", "cwe": { "id": "CWE-918", "name": "Server-Side Request Forgery (SSRF)" }, "notes": [ { "category": "other", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40898", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479" ] } ], "title": "CVE-2024-40898" }, { "cve": "CVE-2024-45490", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Incorrect Calculation of Buffer Size", "title": "CWE-131" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45490", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-45490" }, { "cve": "CVE-2024-45491", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45491", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-45491" }, { "cve": "CVE-2024-45492", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45492", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-45492" }, { "cve": "CVE-2024-45801", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "other", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" }, { "category": "other", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-45801", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-45801" } ] }
NCSC-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" }, { "category": "general", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "general", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" }, { "category": "general", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" }, { "category": "general", "text": "Improper Handling of Exceptional Conditions", "title": "CWE-755" }, { "category": "general", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "general", "text": "Inefficient Algorithmic Complexity", "title": "CWE-407" }, { "category": "general", "text": "Improper Handling of Case Sensitivity", "title": "CWE-178" }, { "category": "general", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" }, { "category": "general", "text": "Double Free", "title": "CWE-415" }, { "category": "general", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "general", "text": "Uncontrolled Search Path Element", "title": "CWE-427" }, { "category": "general", "text": "Encoding Error", "title": "CWE-172" }, { "category": "general", "text": "Integer Overflow to Buffer Overflow", "title": "CWE-680" }, { "category": "general", "text": "Untrusted Search Path", "title": "CWE-426" }, { "category": "general", "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "title": "CWE-843" }, { "category": "general", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" }, { "category": "general", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "general", "text": "Observable Discrepancy", "title": "CWE-203" }, { "category": "general", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "general", "text": "Files or Directories Accessible to External Parties", "title": "CWE-552" }, { "category": "general", "text": "Authorization Bypass Through User-Controlled Key", "title": "CWE-639" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "CWE-275", "title": "CWE-275" }, { "category": "general", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "general", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "general", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" }, { "category": "general", "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "title": "CWE-1321" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "Missing Release of Memory after Effective Lifetime", "title": "CWE-401" }, { "category": "general", "text": "NULL Pointer Dereference", "title": "CWE-476" }, { "category": "general", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "general", "text": "Exposure of Resource to Wrong Sphere", "title": "CWE-668" }, { "category": "general", "text": "Inclusion of Functionality from Untrusted Control Sphere", "title": "CWE-829" }, { "category": "general", "text": "Use of a Broken or Risky Cryptographic Algorithm", "title": "CWE-327" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" }, { "category": "general", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "Server-Side Request Forgery (SSRF)", "title": "CWE-918" }, { "category": "general", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" }, { "category": "general", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "general", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "general", "text": "Incorrect Conversion between Numeric Types", "title": "CWE-681" }, { "category": "general", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" }, { "category": "general", "text": "Improper Privilege Management", "title": "CWE-269" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Neutralization of Alternate XSS Syntax", "title": "CWE-87" }, { "category": "general", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" }, { "category": "general", "text": "CWE-18", "title": "CWE-18" }, { "category": "general", "text": "Covert Timing Channel", "title": "CWE-385" }, { "category": "general", "text": "Unchecked Input for Loop Condition", "title": "CWE-606" }, { "category": "general", "text": "Integer Coercion Error", "title": "CWE-192" }, { "category": "general", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "general", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" }, { "category": "general", "text": "Truncation of Security-relevant Information", "title": "CWE-222" }, { "category": "general", "text": "Incorrect Calculation of Buffer Size", "title": "CWE-131" }, { "category": "general", "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "title": "CWE-59" }, { "category": "general", "text": "Missing Critical Step in Authentication", "title": "CWE-304" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat", "url": "https://www.oracle.com/security-alerts/cpuoct2024.html" } ], "title": "Kwetsbaarheden verholpen in Oracle Database producten", "tracking": { "current_release_date": "2024-10-17T13:15:19.595269Z", "id": "NCSC-2024-0411", "initial_release_date": "2024-10-17T13:15:19.595269Z", "revision_history": [ { "date": "2024-10-17T13:15:19.595269Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "database_-_grid", "product": { "name": "database_-_grid", "product_id": "CSAFPID-1673504", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_grid", "product": { "name": "database_-_grid", "product_id": "CSAFPID-1673506", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673386", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673385", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_core", "product": { "name": "database_-_core", "product_id": "CSAFPID-1673442", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673507", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673509", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_security", "product": { "name": "database_-_security", "product_id": "CSAFPID-1673508", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph_mapviewer", "product": { "name": "spatial_and_graph_mapviewer", "product_id": "CSAFPID-912561", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-764250", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673511", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673512", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-816800", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "spatial_and_graph", "product": { "name": "spatial_and_graph", "product_id": "CSAFPID-1673529", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "fleet_patching_and_provisioning_-_micronaut", "product": { "name": "fleet_patching_and_provisioning_-_micronaut", "product_id": "CSAFPID-1673492", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "fleet_patching_and_provisioning", "product": { "name": "fleet_patching_and_provisioning", "product_id": "CSAFPID-1503603", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673445", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673443", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_xml_database", "product": { "name": "database_-_xml_database", "product_id": "CSAFPID-1673444", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673451", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673450", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "database_-_java_vm", "product": { "name": "database_-_java_vm", "product_id": "CSAFPID-1673452", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-816798", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-816799", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-1673525", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912046", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503299", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816855", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816361", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912045", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503302", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912044", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-1503306", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816852", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912600", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816853", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-912601", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "graalvm_for_jdk", "product": { "name": "graalvm_for_jdk", "product_id": "CSAFPID-816854", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sqlcl", "product": { "name": "sqlcl", "product_id": "CSAFPID-816801", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sqlcl", "product": { "name": "sqlcl", "product_id": "CSAFPID-1673405", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_administration", "product": { "name": "application_express_administration", "product_id": "CSAFPID-764731", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_customers_plugin", "product": { "name": "application_express_customers_plugin", "product_id": "CSAFPID-764732", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express_team_calendar_plugin", "product": { "name": "application_express_team_calendar_plugin", "product_id": "CSAFPID-764733", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-266119", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1673510", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1503575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "application_express", "product": { "name": "application_express", "product_id": "CSAFPID-1673188", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-765238", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "autonomous_health_framework", "product": { "name": "autonomous_health_framework", "product_id": "CSAFPID-765239", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "blockchain_platform", "product": { "name": "blockchain_platform", "product_id": "CSAFPID-764779", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "blockchain_platform", "product": { "name": "blockchain_platform", "product_id": "CSAFPID-89587", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-765259", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-187448", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-94075", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-220886", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-611394", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-816317", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-912567", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-1503612", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "essbase", "product": { "name": "essbase", "product_id": "CSAFPID-1673479", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_essbase", "product": { "name": "oracle_essbase", "product_id": "CSAFPID-1650506", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-816845", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1650825", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1673404", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data_and_application_adapters", "product": { "name": "goldengate_big_data_and_application_adapters", "product_id": "CSAFPID-1650831", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_big_data", "product": { "name": "goldengate_big_data", "product_id": "CSAFPID-764274", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-764752", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-1673384", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-220192", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_stream_analytics", "product": { "name": "goldengate_stream_analytics", "product_id": "CSAFPID-220193", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-816846", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-611390", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_studio", "product": { "name": "goldengate_studio", "product_id": "CSAFPID-764803", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate_veridata", "product": { "name": "goldengate_veridata", "product_id": "CSAFPID-764275", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-342816", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1650767", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-485902", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503736", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-219912", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503739", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1650765", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "goldengate", "product": { "name": "goldengate", "product_id": "CSAFPID-1503738", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate_stream_analytics", "product": { "name": "oracle_goldengate_stream_analytics", "product_id": "CSAFPID-1650515", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "management_pack_for__goldengate", "product": { "name": "management_pack_for__goldengate", "product_id": "CSAFPID-764861", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "management_pack_for__goldengate", "product": { "name": "management_pack_for__goldengate", "product_id": "CSAFPID-1503640", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate_studio", "product": { "name": "oracle_goldengate_studio", "product_id": "CSAFPID-1650835", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_goldengate", "product": { "name": "oracle_goldengate", "product_id": "CSAFPID-1650575", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764813", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1503661", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1503663", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673497", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764764", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764765", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673491", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764766", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673495", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-764767", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673493", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673489", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1673488", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650757", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650758", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650761", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650760", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "nosql_database", "product": { "name": "nosql_database", "product_id": "CSAFPID-1650759", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_nosql_database", "product": { "name": "oracle_nosql_database", "product_id": "CSAFPID-1650584", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_secure_backup", "product": { "name": "oracle_secure_backup", "product_id": "CSAFPID-1650563", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-667692", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-345049", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-611417", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "secure_backup", "product": { "name": "secure_backup", "product_id": "CSAFPID-1673422", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "oracle_sql_developer", "product": { "name": "oracle_sql_developer", "product_id": "CSAFPID-1650638", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-764822", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-220643", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-816870", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-816871", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "sql_developer", "product": { "name": "sql_developer", "product_id": "CSAFPID-1673397", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle" }, { "branches": [ { "category": "product_name", "name": "oracle_application_express", "product": { "name": "oracle_application_express", "product_id": "CSAFPID-1673144", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "oracle_corporation" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-1471", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-220886", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764822", "CSAFPID-1650515", "CSAFPID-1650638", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-89587", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044" ] }, "references": [ { "category": "self", "summary": "CVE-2022-1471", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json" } ], "title": "CVE-2022-1471" }, { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "notes": [ { "category": "other", "text": "Integer Coercion Error", "title": "CWE-192" }, { "category": "other", "text": "Incorrect Conversion between Numeric Types", "title": "CWE-681" } ], "product_status": { "known_affected": [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2022-34169", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-342816", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-764861", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-219912", "CSAFPID-765238", "CSAFPID-765239", "CSAFPID-765259", "CSAFPID-667692", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2022-34169" }, { "cve": "CVE-2022-36033", "cwe": { "id": "CWE-87", "name": "Improper Neutralization of Alternate XSS Syntax" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Alternate XSS Syntax", "title": "CWE-87" }, { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2022-36033", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-220886", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764861", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-266119", "CSAFPID-187448", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-219912", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-667692", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-1503575", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2022-36033" }, { "cve": "CVE-2022-37454", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "other", "text": "Integer Overflow to Buffer Overflow", "title": "CWE-680" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861" ] }, "references": [ { "category": "self", "summary": "CVE-2022-37454", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-1650563", "CSAFPID-89587", "CSAFPID-764861" ] } ], "title": "CVE-2022-37454" }, { "cve": "CVE-2022-38136", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-38136", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json" } ], "title": "CVE-2022-38136" }, { "cve": "CVE-2022-40196", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-40196", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json" } ], "title": "CVE-2022-40196" }, { "cve": "CVE-2022-41342", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2022-41342", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json" } ], "title": "CVE-2022-41342" }, { "cve": "CVE-2022-42919", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "other", "text": "Missing Encryption of Sensitive Data", "title": "CWE-311" }, { "category": "other", "text": "Improper Privilege Management", "title": "CWE-269" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2022-42919", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json" } ], "title": "CVE-2022-42919" }, { "cve": "CVE-2022-45061", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Inefficient Algorithmic Complexity", "title": "CWE-407" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2022-45061", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-342816", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764779", "CSAFPID-94075", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-611390", "CSAFPID-764803", "CSAFPID-764813", "CSAFPID-764822", "CSAFPID-89587" ] } ], "title": "CVE-2022-45061" }, { "cve": "CVE-2022-46337", "product_status": { "known_affected": [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692" ] }, "references": [ { "category": "self", "summary": "CVE-2022-46337", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-1673384", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-764752", "CSAFPID-764275", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-912046", "CSAFPID-912045", "CSAFPID-912044", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-764250", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692" ] } ], "title": "CVE-2022-46337" }, { "cve": "CVE-2023-2976", "cwe": { "id": "CWE-552", "name": "Files or Directories Accessible to External Parties" }, "notes": [ { "category": "other", "text": "Files or Directories Accessible to External Parties", "title": "CWE-552" } ], "product_status": { "known_affected": [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-2976", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650584", "CSAFPID-1650835", "CSAFPID-1650506", "CSAFPID-1650515", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-342816", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816361", "CSAFPID-764813", "CSAFPID-220643", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-89587", "CSAFPID-1673397", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-345049", "CSAFPID-816801", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764250", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-2976" }, { "cve": "CVE-2023-4043", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "notes": [ { "category": "other", "text": "Excessive Iteration", "title": "CWE-834" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4043", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673405", "CSAFPID-1673397", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-4043" }, { "cve": "CVE-2023-4759", "cwe": { "id": "CWE-59", "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)" }, "notes": [ { "category": "other", "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "title": "CWE-59" }, { "category": "other", "text": "Improper Handling of Case Sensitivity", "title": "CWE-178" } ], "product_status": { "known_affected": [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4759", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673397", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-4759" }, { "cve": "CVE-2023-4863", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4863", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json" } ], "title": "CVE-2023-4863" }, { "cve": "CVE-2023-5072", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-5072", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650575", "CSAFPID-1650515", "CSAFPID-1650835", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-5072" }, { "cve": "CVE-2023-26031", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "notes": [ { "category": "other", "text": "Untrusted Search Path", "title": "CWE-426" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26031", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-26031" }, { "cve": "CVE-2023-26551", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26551", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json" } ], "scores": [ { "cvss_v3": { "baseScore": 0.0, "baseSeverity": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26551" }, { "cve": "CVE-2023-26552", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26552", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26552" }, { "cve": "CVE-2023-26553", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26553", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26553" }, { "cve": "CVE-2023-26554", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26554", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26554" }, { "cve": "CVE-2023-26555", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26555", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-26555" }, { "cve": "CVE-2023-28484", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-28484", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-220886", "CSAFPID-816317", "CSAFPID-764813", "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-28484" }, { "cve": "CVE-2023-29469", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Double Free", "title": "CWE-415" } ], "product_status": { "known_affected": [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-29469", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-611417", "CSAFPID-764731", "CSAFPID-764732", "CSAFPID-764733", "CSAFPID-816317", "CSAFPID-89587", "CSAFPID-220886", "CSAFPID-342816", "CSAFPID-345049", "CSAFPID-764752", "CSAFPID-611390", "CSAFPID-611394", "CSAFPID-764764", "CSAFPID-764765", "CSAFPID-764766", "CSAFPID-764767", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764250", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-29469" }, { "cve": "CVE-2023-33201", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-33201", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-764250", "CSAFPID-611394", "CSAFPID-1650584", "CSAFPID-1673397", "CSAFPID-912561", "CSAFPID-345049", "CSAFPID-611390", "CSAFPID-611417", "CSAFPID-764274", "CSAFPID-764275", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-33201" }, { "cve": "CVE-2023-37920", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "other", "text": "Improper Certificate Validation", "title": "CWE-295" }, { "category": "other", "text": "Insufficient Verification of Data Authenticity", "title": "CWE-345" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612" ] }, "references": [ { "category": "self", "summary": "CVE-2023-37920", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612" ] } ], "title": "CVE-2023-37920" }, { "cve": "CVE-2023-39410", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] }, "references": [ { "category": "self", "summary": "CVE-2023-39410", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673404", "CSAFPID-1673384", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871" ] } ], "title": "CVE-2023-39410" }, { "cve": "CVE-2023-44487", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-44487", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-816361", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503603", "CSAFPID-1503575", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-44487" }, { "cve": "CVE-2023-44981", "cwe": { "id": "CWE-639", "name": "Authorization Bypass Through User-Controlled Key" }, "notes": [ { "category": "other", "text": "Authorization Bypass Through User-Controlled Key", "title": "CWE-639" } ], "product_status": { "known_affected": [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601" ] }, "references": [ { "category": "self", "summary": "CVE-2023-44981", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650515", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601" ] } ], "title": "CVE-2023-44981" }, { "cve": "CVE-2023-45288", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-45288", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-45288" }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "other", "text": "Truncation of Security-relevant Information", "title": "CWE-222" } ], "product_status": { "known_affected": [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] }, "references": [ { "category": "self", "summary": "CVE-2023-48795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-1650765", "CSAFPID-1650757", "CSAFPID-1650758", "CSAFPID-1650767", "CSAFPID-1650759", "CSAFPID-1650760", "CSAFPID-1650761", "CSAFPID-89587", "CSAFPID-220643", "CSAFPID-342816", "CSAFPID-667692", "CSAFPID-764250", "CSAFPID-764813", "CSAFPID-816317", "CSAFPID-816361", "CSAFPID-816798", "CSAFPID-816799", "CSAFPID-816800", "CSAFPID-816801", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-816852", "CSAFPID-816853", "CSAFPID-816854", "CSAFPID-816855", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-816870", "CSAFPID-816871", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-1503603", "CSAFPID-1503612", "CSAFPID-1503575", "CSAFPID-1503640", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663" ] } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2023-49083", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-49083", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-49083" }, { "cve": "CVE-2023-51384", "cwe": { "id": "CWE-304", "name": "Missing Critical Step in Authentication" }, "notes": [ { "category": "other", "text": "Missing Critical Step in Authentication", "title": "CWE-304" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-51384", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-51384" }, { "cve": "CVE-2023-51385", "cwe": { "id": "CWE-78", "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2023-51385", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2023-51385" }, { "cve": "CVE-2023-52425", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-52425", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-52425" }, { "cve": "CVE-2023-52426", "cwe": { "id": "CWE-776", "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)" }, "notes": [ { "category": "other", "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)", "title": "CWE-776" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2023-52426", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2023-52426" }, { "cve": "CVE-2024-1874", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" }, { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-1874", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-1874" }, { "cve": "CVE-2024-2408", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "other", "text": "Observable Discrepancy", "title": "CWE-203" }, { "category": "other", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "other", "text": "Use of a Broken or Risky Cryptographic Algorithm", "title": "CWE-327" }, { "category": "other", "text": "Covert Timing Channel", "title": "CWE-385" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2408", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-2408" }, { "cve": "CVE-2024-2511", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improperly Controlled Sequential Memory Allocation", "title": "CWE-1325" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-2511", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-2511" }, { "cve": "CVE-2024-4577", "cwe": { "id": "CWE-88", "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" }, { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4577", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-4577" }, { "cve": "CVE-2024-4603", "cwe": { "id": "CWE-606", "name": "Unchecked Input for Loop Condition" }, "notes": [ { "category": "other", "text": "Unchecked Input for Loop Condition", "title": "CWE-606" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4603", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-4603" }, { "cve": "CVE-2024-4741", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-4741", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-4741" }, { "cve": "CVE-2024-5458", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5458", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-5458" }, { "cve": "CVE-2024-5535", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" } ], "product_status": { "known_affected": [ "CSAFPID-1673508", "CSAFPID-1673525" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5535", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673508", "CSAFPID-1673525" ] } ], "title": "CVE-2024-5535" }, { "cve": "CVE-2024-5585", "cwe": { "id": "CWE-116", "name": "Improper Encoding or Escaping of Output" }, "notes": [ { "category": "other", "text": "Improper Encoding or Escaping of Output", "title": "CWE-116" }, { "category": "other", "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "title": "CWE-78" }, { "category": "other", "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)", "title": "CWE-88" } ], "product_status": { "known_affected": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-5585", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673422", "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-5585" }, { "cve": "CVE-2024-6119", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)" }, "notes": [ { "category": "other", "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)", "title": "CWE-843" } ], "product_status": { "known_affected": [ "CSAFPID-1673508", "CSAFPID-1673525" ] }, "references": [ { "category": "self", "summary": "CVE-2024-6119", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json" } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673508", "CSAFPID-1673525" ] } ], "title": "CVE-2024-6119" }, { "cve": "CVE-2024-6232", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "notes": [ { "category": "other", "text": "Inefficient Regular Expression Complexity", "title": "CWE-1333" } ], "references": [ { "category": "self", "summary": "CVE-2024-6232", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json" } ], "title": "CVE-2024-6232" }, { "cve": "CVE-2024-7264", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512" ] }, "references": [ { "category": "self", "summary": "CVE-2024-7264", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673529", "CSAFPID-1673479", "CSAFPID-1673511", "CSAFPID-1673512" ] } ], "title": "CVE-2024-7264" }, { "cve": "CVE-2024-7592", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "references": [ { "category": "self", "summary": "CVE-2024-7592", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json" } ], "title": "CVE-2024-7592" }, { "cve": "CVE-2024-21131", "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json" } ], "title": "CVE-2024-21131" }, { "cve": "CVE-2024-21138", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" } ], "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21138", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json" } ], "title": "CVE-2024-21138" }, { "cve": "CVE-2024-21140", "product_status": { "known_affected": [ "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21140", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json" } ], "title": "CVE-2024-21140" }, { "cve": "CVE-2024-21144", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21144", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json" } ], "title": "CVE-2024-21144" }, { "cve": "CVE-2024-21145", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1503299", "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21145", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json" } ], "title": "CVE-2024-21145" }, { "cve": "CVE-2024-21147", "product_status": { "known_affected": [ "CSAFPID-1503306", "CSAFPID-1503302", "CSAFPID-1503299", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21147", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json" } ], "title": "CVE-2024-21147" }, { "cve": "CVE-2024-21233", "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21233", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-21233" }, { "cve": "CVE-2024-21242", "product_status": { "known_affected": [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21242", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.5, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673443", "CSAFPID-1673444", "CSAFPID-1673445" ] } ], "title": "CVE-2024-21242" }, { "cve": "CVE-2024-21251", "product_status": { "known_affected": [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21251", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json" } ], "scores": [ { "cvss_v3": { "baseScore": 3.1, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673450", "CSAFPID-1673451", "CSAFPID-1673452" ] } ], "title": "CVE-2024-21251" }, { "cve": "CVE-2024-21261", "product_status": { "known_affected": [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21261", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json" } ], "scores": [ { "cvss_v3": { "baseScore": 4.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673144", "CSAFPID-1503575", "CSAFPID-1673188" ] } ], "title": "CVE-2024-21261" }, { "cve": "CVE-2024-22018", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22018", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-22018" }, { "cve": "CVE-2024-22020", "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22020", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-22020" }, { "cve": "CVE-2024-22201", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-22201", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-22201" }, { "cve": "CVE-2024-23807", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-23807", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1650831", "CSAFPID-1650825", "CSAFPID-1673479", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-23807" }, { "cve": "CVE-2024-23944", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-23944", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-23944" }, { "cve": "CVE-2024-24989", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-24989", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json" } ], "title": "CVE-2024-24989" }, { "cve": "CVE-2024-24990", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-24990", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-24990" }, { "cve": "CVE-2024-25710", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "title": "CWE-835" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-25710", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-342816", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-912046", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-25710" }, { "cve": "CVE-2024-26130", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26130", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816798", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-26130" }, { "cve": "CVE-2024-26308", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-26308", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json" } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1673384", "CSAFPID-816871", "CSAFPID-816798", "CSAFPID-342816", "CSAFPID-764275", "CSAFPID-764752", "CSAFPID-816801", "CSAFPID-816846", "CSAFPID-912044", "CSAFPID-912045", "CSAFPID-912046", "CSAFPID-912561", "CSAFPID-912567", "CSAFPID-912600", "CSAFPID-912601", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-816845", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-26308" }, { "cve": "CVE-2024-27983", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27983", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json" } ], "scores": [ { "cvss_v3": { "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-27983" }, { "cve": "CVE-2024-28182", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Detection of Error Condition Without Action", "title": "CWE-390" }, { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28182", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673442", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-28182" }, { "cve": "CVE-2024-28849", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28849", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-89587", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-28849" }, { "cve": "CVE-2024-28887", "cwe": { "id": "CWE-427", "name": "Uncontrolled Search Path Element" }, "notes": [ { "category": "other", "text": "Uncontrolled Search Path Element", "title": "CWE-427" } ], "product_status": { "known_affected": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28887", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673385", "CSAFPID-1673442", "CSAFPID-1673386" ] } ], "title": "CVE-2024-28887" }, { "cve": "CVE-2024-29025", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "notes": [ { "category": "other", "text": "Allocation of Resources Without Limits or Throttling", "title": "CWE-770" } ], "product_status": { "known_affected": [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29025", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673488", "CSAFPID-1673489", "CSAFPID-1673491", "CSAFPID-1673492", "CSAFPID-1673493", "CSAFPID-1673495", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29025" }, { "cve": "CVE-2024-29131", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29131" }, { "cve": "CVE-2024-29133", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29133", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-1673497", "CSAFPID-1673397", "CSAFPID-1673384", "CSAFPID-1503575", "CSAFPID-1503603", "CSAFPID-764250", "CSAFPID-1503612", "CSAFPID-1503640", "CSAFPID-342816", "CSAFPID-816845", "CSAFPID-816846", "CSAFPID-1503299", "CSAFPID-1503302", "CSAFPID-1503306", "CSAFPID-1503661", "CSAFPID-1503663", "CSAFPID-764813" ] } ], "title": "CVE-2024-29133" }, { "cve": "CVE-2024-31079", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Stack-based Buffer Overflow", "title": "CWE-121" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-31079", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-31079" }, { "cve": "CVE-2024-32760", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-32760", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-32760" }, { "cve": "CVE-2024-34161", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "other", "text": "Missing Release of Memory after Effective Lifetime", "title": "CWE-401" }, { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-34161", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-34161" }, { "cve": "CVE-2024-34750", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "other", "text": "Improper Handling of Exceptional Conditions", "title": "CWE-755" }, { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1673504", "CSAFPID-1673506" ] }, "references": [ { "category": "self", "summary": "CVE-2024-34750", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-1673504", "CSAFPID-1673506" ] } ], "title": "CVE-2024-34750" }, { "cve": "CVE-2024-35200", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-35200", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-35200" }, { "cve": "CVE-2024-36137", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" }, { "category": "other", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36137", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-89587" ] } ], "title": "CVE-2024-36137" }, { "cve": "CVE-2024-36138", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)", "title": "CWE-77" } ], "product_status": { "known_affected": [ "CSAFPID-89587" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36138", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json" } ], "title": "CVE-2024-36138" }, { "cve": "CVE-2024-36387", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-345049", "CSAFPID-611417" ] }, "references": [ { "category": "self", "summary": "CVE-2024-36387", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-345049", "CSAFPID-611417" ] } ], "title": "CVE-2024-36387" }, { "cve": "CVE-2024-37370", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "notes": [ { "category": "other", "text": "Improper Handling of Length Parameter Inconsistency", "title": "CWE-130" } ], "product_status": { "known_affected": [ "CSAFPID-1673507", "CSAFPID-1673508", "CSAFPID-1673509" ] }, "references": [ { "category": "self", "summary": "CVE-2024-37370", "url": "https