All the vulnerabilites related to Microsoft - Azure Kubernetes Service
cve-2023-29332
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29332 | vendor-advisory |
▼ | Vendor | Product |
---|---|---|
Microsoft | Azure Kubernetes Service |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:07:45.624Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29332" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:azure_kubernetes_service:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Azure Kubernetes Service", "vendor": "Microsoft", "versions": [ { "lessThan": "VHD 202308", "status": "affected", "version": "1.0", "versionType": "custom" } ] } ], "datePublic": "2023-09-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-330", "description": "CWE-330: Use of Insufficiently Random Values", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-29T02:40:48.532Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29332" } ], "title": "Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2023-29332", "datePublished": "2023-09-12T16:58:34.444Z", "dateReserved": "2023-04-04T22:34:18.379Z", "dateUpdated": "2024-08-02T14:07:45.624Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-21403
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21403 | vendor-advisory |
▼ | Vendor | Product |
---|---|---|
Microsoft | Azure Kubernetes Service |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T22:20:40.581Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21403" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:azure_kubernetes_service_confidential_containers:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Azure Kubernetes Service", "vendor": "Microsoft", "versions": [ { "lessThan": "0.3.3", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-02-13T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-552", "description": "CWE-552: Files or Directories Accessible to External Parties", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:50:11.085Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21403" } ], "title": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-21403", "datePublished": "2024-02-13T18:02:46.888Z", "dateReserved": "2023-12-08T22:45:21.298Z", "dateUpdated": "2024-10-09T01:50:11.085Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-27075
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27075 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T20:40:47.025Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27075" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [], "platforms": [ "Unknown" ], "product": "Azure Service Fabric", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "N/A" } ] }, { "cpes": [], "platforms": [ "Unknown" ], "product": "Azure Spring Cloud", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "N/A" } ] }, { "cpes": [], "platforms": [ "Unknown" ], "product": "Azure Container Instance", "vendor": "Microsoft", "versions": [ { "status": "affected", "version": "N/A" } ] }, { "cpes": [ "cpe:2.3:a:microsoft:azure_kubernetes_service:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Azure Kubernetes Service", "vendor": "Microsoft", "versions": [ { "lessThan": "publication", "status": "affected", "version": "1.0", "versionType": "custom" } ] } ], "datePublic": "2021-03-09T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Azure Virtual Machine Information Disclosure Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en-US", "type": "Impact" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-29T20:08:49.462Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27075" } ], "title": "Azure Virtual Machine Information Disclosure Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2021-27075", "datePublished": "2021-03-11T15:50:50", "dateReserved": "2021-02-10T00:00:00", "dateUpdated": "2024-08-03T20:40:47.025Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-21400
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21400 | vendor-advisory |
▼ | Vendor | Product |
---|---|---|
Microsoft | Azure Kubernetes Service |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-21400", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-03-12T19:22:29.488307Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-07T19:36:49.362Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T22:20:40.636Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21400" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:azure_kubernetes_service_confidential_containers:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Azure Kubernetes Service", "vendor": "Microsoft", "versions": [ { "lessThan": "0.3.3", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-03-12T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-11T15:09:55.061Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21400" } ], "title": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-21400", "datePublished": "2024-03-12T16:57:58.625Z", "dateReserved": "2023-12-08T22:45:20.455Z", "dateUpdated": "2024-08-01T22:20:40.636Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-29990
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29990 | vendor-advisory |
▼ | Vendor | Product |
---|---|---|
Microsoft | Azure Kubernetes Service |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-29990", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-10T19:00:43.063881Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-05T17:28:24.192Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:25:00.879Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29990" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:azure_kubernetes_service_confidential_containers:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Azure Kubernetes Service", "vendor": "Microsoft", "versions": [ { "lessThan": "0.3.4", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-04-09T07:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:41:12.195Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29990" } ], "title": "Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-29990", "datePublished": "2024-04-09T17:00:36.373Z", "dateReserved": "2024-03-22T23:12:11.047Z", "dateUpdated": "2024-10-09T01:41:12.195Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-21376
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21376 | vendor-advisory |
▼ | Vendor | Product |
---|---|---|
Microsoft | Azure Kubernetes Service |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T22:20:40.547Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21376" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:microsoft:azure_kubernetes_service_confidential_containers:-:*:*:*:*:*:*:*" ], "platforms": [ "Unknown" ], "product": "Azure Kubernetes Service", "vendor": "Microsoft", "versions": [ { "lessThan": "0.3.3", "status": "affected", "version": "1.0.0", "versionType": "custom" } ] } ], "datePublic": "2024-02-13T08:00:00+00:00", "descriptions": [ { "lang": "en-US", "value": "Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability" } ], "metrics": [ { "cvssV3_1": { "baseScore": 9, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en-US", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en-US", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-09T01:50:06.310Z", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft" }, "references": [ { "name": "Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21376" } ], "title": "Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability" } }, "cveMetadata": { "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2024-21376", "datePublished": "2024-02-13T18:02:41.796Z", "dateReserved": "2023-12-08T22:45:20.450Z", "dateUpdated": "2024-10-09T01:50:06.310Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
var-202310-0175
Vulnerability from variot
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Description:
AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to in the References section.
Description:
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
Description:
nghttp2 contains the Hypertext Transfer Protocol version 2 (HTTP/2) client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C.
The following data is constructed from data provided by Red Hat's json file at:
https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5710.json
Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.
- Packet Storm Staff
==================================================================== Red Hat Security Advisory
Synopsis: Important: dotnet6.0 security update Advisory ID: RHSA-2023:5710-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:5710 Issue date: 2023-10-16 Revision: 01 CVE Names: CVE-2023-44487 ====================================================================
Summary:
An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description:
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.
New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23.
Security Fix(es):
- HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution:
https://access.redhat.com/articles/11258
CVEs:
CVE-2023-44487
References:
https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2023-003
. ========================================================================== Ubuntu Security Notice USN-6754-1 April 25, 2024
nghttp2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
Several security issues were fixed in nghttp2.
Software Description: - nghttp2: HTTP/2 C Library and tools
Details:
It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511, CVE-2019-9513)
It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487)
It was discovered that nghttp2 could be made to process an unlimited number of HTTP/2 CONTINUATION frames. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. (CVE-2024-28182)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.10: libnghttp2-14 1.55.1-1ubuntu0.2 nghttp2 1.55.1-1ubuntu0.2 nghttp2-client 1.55.1-1ubuntu0.2 nghttp2-proxy 1.55.1-1ubuntu0.2 nghttp2-server 1.55.1-1ubuntu0.2
Ubuntu 22.04 LTS: libnghttp2-14 1.43.0-1ubuntu0.2 nghttp2 1.43.0-1ubuntu0.2 nghttp2-client 1.43.0-1ubuntu0.2 nghttp2-proxy 1.43.0-1ubuntu0.2 nghttp2-server 1.43.0-1ubuntu0.2
Ubuntu 20.04 LTS: libnghttp2-14 1.40.0-1ubuntu0.3 nghttp2 1.40.0-1ubuntu0.3 nghttp2-client 1.40.0-1ubuntu0.3 nghttp2-proxy 1.40.0-1ubuntu0.3 nghttp2-server 1.40.0-1ubuntu0.3
Ubuntu 18.04 LTS (Available with Ubuntu Pro): libnghttp2-14 1.30.0-1ubuntu1+esm2 nghttp2 1.30.0-1ubuntu1+esm2 nghttp2-client 1.30.0-1ubuntu1+esm2 nghttp2-proxy 1.30.0-1ubuntu1+esm2 nghttp2-server 1.30.0-1ubuntu1+esm2
Ubuntu 16.04 LTS (Available with Ubuntu Pro): libnghttp2-14 1.7.1-1ubuntu0.1~esm2 nghttp2 1.7.1-1ubuntu0.1~esm2 nghttp2-client 1.7.1-1ubuntu0.1~esm2 nghttp2-proxy 1.7.1-1ubuntu0.1~esm2 nghttp2-server 1.7.1-1ubuntu0.1~esm2
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-5558-1 security@debian.org https://www.debian.org/security/ Markus Koschany November 18, 2023 https://www.debian.org/security/faq
Package : netty CVE ID : CVE-2023-34462 CVE-2023-44487 Debian Bug : 1038947 1054234
Two security vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework.
CVE-2023-34462
It might be possible for a remote peer to send a client hello packet during
a TLS handshake which lead the server to buffer up to 16 MB of data per
connection. This could lead to a OutOfMemoryError and so result in a denial
of service.
This problem is also known as Rapid Reset Attack.
For the oldstable distribution (bullseye), these problems have been fixed in version 1:4.1.48-4+deb11u2.
For the stable distribution (bookworm), these problems have been fixed in version 1:4.1.48-7+deb12u1.
We recommend that you upgrade your netty packages.
For the detailed security status of netty please refer to its security tracker page at: https://security-tracker.debian.org/tracker/netty
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVY5TZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRHiBAAzFhW85Ho37J02wrSDVwhIMTsVjNO9lnA08Pswdohr9K1wxeCJ/hBAx97 UNIrjTxyOfCJWi1Kj5pITXEHBRu6w1fj/5y9yoMpAKEu+oGQroHbSf4CPmqP2Of0 eamkfbGx2Dh7Ug3qYxe+elcqRtU3gu8I8DYcWJnm2VpWq7/pbNJ+9iqtmMjhkPLH 1etLI/5HAkwpPimZSrHzcimn39gEVaIbZLc86ZBAoAPghc+iJR1JFHERmkEutWkB eAnL3kD1mr6F711eZvDfPaRfEUVorW67ZEpPX68MJExuYHNXd268EhQOhf/ZYv8g SUSBJuKw4w2OnL4fn8lhqnQgYHUVkcYBtfYii6E9bEVAIPoaT+4gvdSg9zkF6cza Da8SXkEY2ysaX+A24iVnCNMpCMSOUOxWsFFvkCcfi8A4HxGGqWzVOsBbDJKjktS1 g6FyeqWsGh9QG/CPYeMN7LB7lW1l2XzO6GQ9QR1rzU/whgUVxprkye5wx2BaQmom rrWVHBijH1cNWd1IbryAm+prduL1l/CNR0785ZPTjB3SsMFPCAtRHf9G976rqVs0 P3jGg+BdeDj+sd3EFHcHnNXQOaETgR07RWzngbjEkgmJYhB2B43hCQ2LwsNlHsmg O6otUI2k274IF9KHh0T1h1hopbUTU8VPy3dpcLloCzk7KiAv1RI= =4ExT -----END PGP SIGNATURE----- . This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202310-0175", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "node maintenance operator", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip ssl orchestrator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "jboss core services", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "go", "scope": "gte", "trust": 1.0, "vendor": "golang", "version": "1.21.0" }, { "model": "istio", "scope": "lt", "trust": 1.0, "vendor": "istio", "version": "1.19.1" }, { "model": "big-ip advanced web application firewall", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "crosswork zero touch provisioning", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.0.0" }, { "model": "big-ip policy enforcement manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "integration camel for spring boot", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "windows 10 1809", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.17763.4974" }, { "model": "big-ip global traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip ddos hybrid defender", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip carrier-grade nat", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "advanced cluster security", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "4.0" }, { "model": "expressway", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "x14.3.3" }, { "model": "ultra cloud core - policy control function", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2024.01.0" }, { "model": "traffic server", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "9.0.0" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "visual studio 2022", "scope": "gte", "trust": 1.0, "vendor": "microsoft", "version": "17.6" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "11.0" }, { "model": "big-ip application visibility and reporting", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "openshift container platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "4.0" }, { "model": "big-ip advanced firewall manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "big-ip advanced firewall manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "satellite", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "crosswork data gateway", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "4.1.3" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "nx-os", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "10.2\\(7\\)" }, { "model": "nginx plus", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "r25" }, { "model": "big-ip advanced web application firewall", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "big-ip websafe", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "service interconnect", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "1.0" }, { "model": "fog director", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.22" }, { "model": "unified contact center domain manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "big-ip access policy manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip advanced web application firewall", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "asp.net core", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "7.0.12" }, { "model": "migration toolkit for applications", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "big-ip carrier-grade nat", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "big-ip ddos hybrid defender", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "crosswork data gateway", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.0" }, { "model": "big-ip global traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "go", "scope": "lt", "trust": 1.0, "vendor": "golang", "version": "1.20.10" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip webaccelerator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": ".net", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "6.0.23" }, { "model": "ultra cloud core - policy control function", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2024.01.0" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "enterprise chat and email", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "tomcat", "scope": "lte", "trust": 1.0, "vendor": "apache", "version": "8.5.93" }, { "model": "proxygen", "scope": "lt", "trust": 1.0, "vendor": "facebook", "version": "2023.10.16.00" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip link controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "process automation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "big-ip local traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "big-ip application acceleration manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "build of optaplanner", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.0" }, { "model": "jenkins", "scope": "lte", "trust": 1.0, "vendor": "jenkins", "version": "2.427" }, { "model": "visual studio 2022", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "17.7.5" }, { "model": "telepresence video communication server", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "x14.3.3" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip fraud protection service", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "big-ip ssl orchestrator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "big-ip global traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip webaccelerator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip application visibility and reporting", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "nginx plus", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "r30" }, { "model": "big-ip application visibility and reporting", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "20.8.1" }, { "model": "big-ip carrier-grade nat", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "swiftnio http\\/2", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "1.28.0" }, { "model": "linkerd", "scope": "eq", "trust": 1.0, "vendor": "linkerd", "version": "2.13.0" }, { "model": "caddy", "scope": "lt", "trust": 1.0, "vendor": "caddyserver", "version": "2.7.5" }, { "model": "tomcat", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "10.1.0" }, { "model": "astra control center", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "fence agents remediation operator", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "cert-manager operator for red hat openshift", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip ddos hybrid defender", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "advanced cluster management for kubernetes", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.0" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "solr", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "9.4.0" }, { "model": "big-ip webaccelerator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip local traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "secure web appliance", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "15.1.0" }, { "model": "big-ip local traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "big-ip websafe", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "3scale api management platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.0" }, { "model": "big-ip fraud protection service", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "http", "scope": "eq", "trust": 1.0, "vendor": "ietf", "version": "2.0" }, { "model": "openshift", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip access policy manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "certification for red hat enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.0" }, { "model": "big-ip analytics", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip advanced web application firewall", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip application acceleration manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "migration toolkit for containers", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": ".net", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "7.0.12" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip link controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "visual studio 2022", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "17.2.20" }, { "model": "big-ip local traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "go", "scope": "lt", "trust": 1.0, "vendor": "golang", "version": "1.21.3" }, { "model": "windows 11 21h2", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.22000.2538" }, { "model": "jetty", "scope": "lt", "trust": 1.0, "vendor": "eclipse", "version": "9.4.53" }, { "model": "big-ip fraud protection service", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip webaccelerator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "jenkins", "scope": "lte", "trust": 1.0, "vendor": "jenkins", "version": "2.414.2" }, { "model": "traffic server", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "8.1.9" }, { "model": "tomcat", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "11.0.0" }, { "model": "apisix", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "3.6.1" }, { "model": "certification for red hat enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "9.0" }, { "model": "big-ip websafe", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "jboss a-mq streams", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip domain name system", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "ios xr", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "7.11.2" }, { "model": "ultra cloud core - session management function", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2024.02.0" }, { "model": "big-ip advanced web application firewall", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "varnish cache", "scope": "lt", "trust": 1.0, "vendor": "varnish cache", "version": "2023-10-10" }, { "model": "single sign-on", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "big-ip ssl orchestrator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "windows 10 1607", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.14393.6351" }, { "model": "linkerd", "scope": "eq", "trust": 1.0, "vendor": "linkerd", "version": "2.14.1" }, { "model": "envoy", "scope": "eq", "trust": 1.0, "vendor": "envoyproxy", "version": "1.25.9" }, { "model": "jboss data grid", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0.0" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "12.0" }, { "model": "big-ip policy enforcement manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "machine deletion remediation operator", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip application acceleration manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "big-ip websafe", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "visual studio 2022", "scope": "gte", "trust": 1.0, "vendor": "microsoft", "version": "17.4" }, { "model": "nginx plus", "scope": "lt", "trust": 1.0, "vendor": "f5", "version": "r29" }, { "model": "big-ip application acceleration manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "grpc", "scope": "lt", "trust": 1.0, "vendor": "grpc", "version": "1.56.3" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "openresty", "scope": "lt", "trust": 1.0, "vendor": "openresty", "version": "1.21.4.3" }, { "model": "nginx", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "1.9.5" }, { "model": "big-ip ssl orchestrator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip webaccelerator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "nginx plus", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "r29" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "38" }, { "model": "big-ip webaccelerator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "windows 10 21h2", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.19044.3570" }, { "model": "big-ip application security manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "istio", "scope": "lt", "trust": 1.0, "vendor": "istio", "version": "1.17.6" }, { "model": "advanced cluster security", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "3.0" }, { "model": "big-ip application security manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "big-ip carrier-grade nat", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "openstack platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "17.1" }, { "model": "windows server 2022", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": null }, { "model": "big-ip analytics", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "big-ip webaccelerator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip advanced web application firewall", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "big-ip websafe", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "cbl-mariner", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "2023-10-11" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "traefik", "scope": "lt", "trust": 1.0, "vendor": "traefik", "version": "2.10.5" }, { "model": "openshift data science", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip global traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "big-ip ddos hybrid defender", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "big-ip link controller", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "node healthcheck operator", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip ddos hybrid defender", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "openshift gitops", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "big-ip ssl orchestrator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "data center network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "openshift container platform assisted installer", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "ultra cloud core - serving gateway function", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2024.02.0" }, { "model": "jetty", "scope": "lt", "trust": 1.0, "vendor": "eclipse", "version": "12.0.2" }, { "model": "opensearch data prepper", "scope": "lt", "trust": 1.0, "vendor": "amazon", "version": "2.5.0" }, { "model": "prime network registrar", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.2" }, { "model": "nx-os", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "10.3\\(5\\)" }, { "model": "linkerd", "scope": "eq", "trust": 1.0, "vendor": "linkerd", "version": "2.13.1" }, { "model": "big-ip next service proxy for kubernetes", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "1.5.0" }, { "model": "openshift serverless", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip policy enforcement manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "http2", "scope": "lt", "trust": 1.0, "vendor": "golang", "version": "0.17.0" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "istio", "scope": "gte", "trust": 1.0, "vendor": "istio", "version": "1.18.0" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "oncommand insight", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "big-ip advanced firewall manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "jboss fuse", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "10.0" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "18.0.0" }, { "model": "traefik", "scope": "eq", "trust": 1.0, "vendor": "traefik", "version": "3.0.0" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "big-ip advanced web application firewall", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "windows 10 22h2", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.19045.3570" }, { "model": "big-ip carrier-grade nat", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "http server", "scope": "lt", "trust": 1.0, "vendor": "akka", "version": "10.5.3" }, { "model": "big-ip global traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "ansible automation platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.0" }, { "model": "envoy", "scope": "eq", "trust": 1.0, "vendor": "envoyproxy", "version": "1.24.10" }, { "model": "http2", "scope": "lt", "trust": 1.0, "vendor": "kazu yamamoto", "version": "4.2.2" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "cryostat", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.0" }, { "model": "openshift distributed tracing", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "unified contact center management portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "kong gateway", "scope": "lt", "trust": 1.0, "vendor": "konghq", "version": "3.4.2" }, { "model": "istio", "scope": "gte", "trust": 1.0, "vendor": "istio", "version": "1.19.0" }, { "model": "big-ip policy enforcement manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "big-ip policy enforcement manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "tomcat", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "8.5.0" }, { "model": "support for spring boot", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip application visibility and reporting", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip ssl orchestrator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "jboss fuse", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0.0" }, { "model": "big-ip ssl orchestrator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "big-ip advanced web application firewall", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "windows server 2016", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": null }, { "model": "big-ip access policy manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "big-ip websafe", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "grpc", "scope": "gte", "trust": 1.0, "vendor": "grpc", "version": "1.58.0" }, { "model": "build of quarkus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "logging subsystem for red hat openshift", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip carrier-grade nat", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "jetty", "scope": "lt", "trust": 1.0, "vendor": "eclipse", "version": "11.0.17" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip carrier-grade nat", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "big-ip ssl orchestrator", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "cost management", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "traffic server", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "8.0.0" }, { "model": "service telemetry framework", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "1.5" }, { "model": "big-ip advanced firewall manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "big-ip application security manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "visual studio 2022", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "17.6.8" }, { "model": "secure malware analytics", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.19.2" }, { "model": "quay", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "3.0.0" }, { "model": "linkerd", "scope": "eq", "trust": 1.0, "vendor": "linkerd", "version": "2.14.0" }, { "model": "big-ip application visibility and reporting", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "windows 11 22h2", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "10.0.22621.2428" }, { "model": "big-ip application security manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "decision manager", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0" }, { "model": "grpc", "scope": "lte", "trust": 1.0, "vendor": "grpc", "version": "1.59.2" }, { "model": "nghttp2", "scope": "lt", "trust": 1.0, "vendor": "nghttp2", "version": "1.57.0" }, { "model": "openshift service mesh", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.0" }, { "model": "big-ip domain name system", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "grpc", "scope": "lt", "trust": 1.0, "vendor": "grpc", "version": "1.58.3" }, { "model": "openstack platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "16.2" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "big-ip access policy manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "prime cable provisioning", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "7.2.1" }, { "model": "visual studio 2022", "scope": "gte", "trust": 1.0, "vendor": "microsoft", "version": "17.0" }, { "model": "big-ip application visibility and reporting", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "tomcat", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "9.0.0" }, { "model": "openshift virtualization", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "4" }, { "model": "big-ip access policy manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0" }, { "model": "big-ip ddos hybrid defender", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "openshift secondary scheduler operator", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "jboss enterprise application platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "6.0.0" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "big-ip application visibility and reporting", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "big-ip access policy manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "linkerd", "scope": "gte", "trust": 1.0, "vendor": "linkerd", "version": "2.12.0" }, { "model": "openshift api for data protection", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip global traffic manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "node.js", "scope": "lt", "trust": 1.0, "vendor": "nodejs", "version": "18.18.2" }, { "model": "jboss a-mq", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "37" }, { "model": "prime access registrar", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "9.3.3" }, { "model": "unified contact center enterprise - live data server", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.6.2" }, { "model": "networking", "scope": "lt", "trust": 1.0, "vendor": "golang", "version": "0.17.0" }, { "model": "armeria", "scope": "lt", "trust": 1.0, "vendor": "linecorp", "version": "1.26.0" }, { "model": "big-ip websafe", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "big-ip analytics", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "big-ip application visibility and reporting", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip next", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "20.0.1" }, { "model": "ios xe", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "17.15.1" }, { "model": "nx-os", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "10.3\\(1\\)" }, { "model": "openstack platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "16.1" }, { "model": "grpc", "scope": "eq", "trust": 1.0, "vendor": "grpc", "version": "1.57.0" }, { "model": "big-ip application acceleration manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "openshift dev spaces", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "jetty", "scope": "gte", "trust": 1.0, "vendor": "eclipse", "version": "12.0.0" }, { "model": "big-ip analytics", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip carrier-grade nat", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "prime infrastructure", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.10.4" }, { "model": "h2o", "scope": "lt", "trust": 1.0, "vendor": "dena", "version": "2023-10-10" }, { "model": "nginx ingress controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "3.0.0" }, { "model": "openshift pipelines", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip webaccelerator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip local traffic manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "jetty", "scope": "gte", "trust": 1.0, "vendor": "eclipse", "version": "10.0.0" }, { "model": "big-ip application security manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip fraud protection service", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip fraud protection service", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "jboss enterprise application platform", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.0.0" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "big-ip domain name system", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "istio", "scope": "lt", "trust": 1.0, "vendor": "istio", "version": "1.18.3" }, { "model": "big-ip websafe", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "secure dynamic attributes connector", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.2.0" }, { "model": "big-ip websafe", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "ceph storage", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "5.0" }, { "model": "run once duration override operator", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip link controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "big-ip local traffic manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "integration camel k", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "visual studio 2022", "scope": "gte", "trust": 1.0, "vendor": "microsoft", "version": "17.7" }, { "model": "big-ip carrier-grade nat", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip ddos hybrid defender", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip analytics", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "envoy", "scope": "eq", "trust": 1.0, "vendor": "envoyproxy", "version": "1.27.0" }, { "model": "nginx ingress controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "2.4.2" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "integration service registry", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "firepower threat defense", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "7.4.2" }, { "model": "big-ip analytics", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "node.js", "scope": "gte", "trust": 1.0, "vendor": "nodejs", "version": "20.0.0" }, { "model": "tomcat", "scope": "lte", "trust": 1.0, "vendor": "apache", "version": "9.0.80" }, { "model": "iot field network director", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "4.11.0" }, { "model": "big-ip link controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "asp.net core", "scope": "gte", "trust": 1.0, "vendor": "microsoft", "version": "6.0.0" }, { "model": "migration toolkit for virtualization", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip link controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "big-ip ssl orchestrator", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "big-ip fraud protection service", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": ".net", "scope": "gte", "trust": 1.0, "vendor": "microsoft", "version": "6.0.0" }, { "model": "jetty", "scope": "gte", "trust": 1.0, "vendor": "eclipse", "version": "11.0.0" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "unified attendant console advanced", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "big-ip advanced web application firewall", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip domain name system", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "14.1.5" }, { "model": "web terminal", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip domain name system", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "13.1.5" }, { "model": "traffic server", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "9.2.3" }, { "model": "windows server 2019", "scope": "eq", "trust": 1.0, "vendor": "microsoft", "version": null }, { "model": "linkerd", "scope": "lte", "trust": 1.0, "vendor": "linkerd", "version": "2.12.5" }, { "model": "jetty", "scope": "lt", "trust": 1.0, "vendor": "eclipse", "version": "10.0.17" }, { "model": "network observability operator", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip ddos hybrid defender", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "16.1.0" }, { "model": "visual studio 2022", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "17.4.12" }, { "model": "azure kubernetes service", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "2023-10-08" }, { "model": "openshift sandboxed containers", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "big-ip webaccelerator", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.0" }, { "model": "big-ip domain name system", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "tomcat", "scope": "lte", "trust": 1.0, "vendor": "apache", "version": "10.1.13" }, { "model": "big-ip application visibility and reporting", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "big-ip application acceleration manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "14.1.0" }, { "model": "big-ip application security manager", "scope": "eq", "trust": 1.0, "vendor": "f5", "version": "17.1.0" }, { "model": "big-ip next service proxy for kubernetes", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "1.8.2" }, { "model": "asp.net core", "scope": "gte", "trust": 1.0, "vendor": "microsoft", "version": "7.0.0" }, { "model": "big-ip ddos hybrid defender", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "15.1.0" }, { "model": "nginx ingress controller", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "2.0.0" }, { "model": "asp.net core", "scope": "lt", "trust": 1.0, "vendor": "microsoft", "version": "6.0.23" }, { "model": "openshift developer tools and services", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "connected mobile experiences", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.1" }, { "model": "nginx ingress controller", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "3.3.0" }, { "model": ".net", "scope": "gte", "trust": 1.0, "vendor": "microsoft", "version": "7.0.0" }, { "model": "contour", "scope": "lt", "trust": 1.0, "vendor": "projectcontour", "version": "2023-10-11" }, { "model": "big-ip policy enforcement manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "16.1.4" }, { "model": "big-ip advanced firewall manager", "scope": "gte", "trust": 1.0, "vendor": "f5", "version": "13.1.0" }, { "model": "self node remediation operator", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": null }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "9.0" }, { "model": "nginx", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "1.25.2" }, { "model": "big-ip advanced firewall manager", "scope": "lte", "trust": 1.0, "vendor": "f5", "version": "15.1.10" }, { "model": "envoy", "scope": "eq", "trust": 1.0, "vendor": "envoyproxy", "version": "1.26.4" }, { "model": "netty", "scope": "lt", "trust": 1.0, "vendor": "netty", "version": "4.1.100" } ], "sources": [ { "db": "NVD", "id": "CVE-2023-44487" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.57.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.1.100", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.0.2", "versionStartIncluding": "12.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.0.17", "versionStartIncluding": "11.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.17", "versionStartIncluding": "10.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.4.53", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*", "cpe_name": [], "versionEndExcluding": "0.17.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.21.3", "versionStartIncluding": "1.21.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.20.10", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*", "cpe_name": [], "versionEndExcluding": "0.17.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.1.5", "versionStartIncluding": "13.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.1.5", "versionStartIncluding": "14.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "15.1.10", "versionStartIncluding": "15.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "16.1.4", "versionStartIncluding": "16.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "r29", "versionStartIncluding": "r25", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.8.2", "versionStartIncluding": "1.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.25.2", "versionStartIncluding": "1.9.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.4.2", "versionStartIncluding": "2.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.3.0", "versionStartIncluding": "3.0.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "9.0.80", "versionStartIncluding": "9.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "8.5.93", "versionStartIncluding": "8.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.1.13", "versionStartIncluding": "10.1.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apple:swiftnio_http\\/2:*:*:*:*:*:swift:*:*", "cpe_name": [], "versionEndExcluding": "1.28.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*", "cpe_name": [], "versionEndExcluding": "1.58.3", "versionStartIncluding": "1.58.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*", "cpe_name": [], "versionEndExcluding": "1.56.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", "cpe_name": [], "versionEndIncluding": "1.59.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.19045.3570", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.17763.4974", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.22000.2538", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.22621.2428", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*", "cpe_name": [], "versionEndExcluding": "10.0.14393.6351", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*", "cpe_name": [], "versionEndExcluding": "10.0.14393.6351", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.0.12", "versionStartIncluding": "7.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.19044.3570", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "17.7.5", "versionStartIncluding": "17.7", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "17.6.8", "versionStartIncluding": "17.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "17.4.12", "versionStartIncluding": "17.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "17.2.20", "versionStartIncluding": "17.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.23", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.0.12", "versionStartIncluding": "7.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.23", "versionStartIncluding": "6.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2023-10-08", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "cpe_name": [], "versionEndExcluding": "18.18.2", "versionStartIncluding": "18.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.8.1", "versionStartIncluding": "20.0.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2023-10-11", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2023-10-10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2023.10.16.00", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.2.3", "versionStartIncluding": "9.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.1.9", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.6.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.5.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.2.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.19.1", "versionStartIncluding": "1.19.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.18.3", "versionStartIncluding": "1.18.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.17.6", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2023-10-10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.10.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*", "cpe_name": [], "versionEndExcluding": "2023-10-11", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*", "cpe_name": [], "versionEndIncluding": "2.12.5", "versionStartIncluding": "2.12.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.26.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.5.3", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "versionEndExcluding": "3.4.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", "cpe_name": [], "versionEndIncluding": "2.427", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "cpe_name": [], "versionEndIncluding": "2.414.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.4.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.21.4.3", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.10.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.19.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.4.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.22", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "17.15.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.3.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.11.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.11.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_data_gateway:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.1.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "x14.3.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "x14.3.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.6.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2024.02.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2024.02.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2024.01.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "15.1.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.2\\(7\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.3\\(5\\)", "versionStartIncluding": "10.3\\(1\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.2\\(7\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.3\\(5\\)", "versionStartIncluding": "10.3\\(1\\)", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2023-44487" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "175239" }, { "db": "PACKETSTORM", "id": "175234" }, { "db": "PACKETSTORM", "id": "175230" }, { "db": "PACKETSTORM", "id": "175126" }, { "db": "PACKETSTORM", "id": "175160" }, { "db": "PACKETSTORM", "id": "175376" } ], "trust": 0.6 }, "cve": "CVE-2023-44487", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } ], "severity": [ { "author": "NVD", "id": "CVE-2023-44487", "trust": 1.0, "value": "HIGH" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2023-44487" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. \n\n\n\n\nDescription:\n\nAMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to in the References section. \n\n\n\n\nDescription:\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. \n\n\n\n\nDescription:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. \n\n\n\n\nDescription:\n\nnghttp2 contains the Hypertext Transfer Protocol version 2 (HTTP/2) client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. \n\nThe following data is constructed from data provided by Red Hat\u0027s json file at:\n\nhttps://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5710.json\n\nRed Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat\u0027s archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. \n\n- Packet Storm Staff\n\n\n\n\n====================================================================\nRed Hat Security Advisory\n\nSynopsis: Important: dotnet6.0 security update\nAdvisory ID: RHSA-2023:5710-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2023:5710\nIssue date: 2023-10-16\nRevision: 01\nCVE Names: CVE-2023-44487\n====================================================================\n\nSummary: \n\nAn update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. \n\n\n\n\nDescription:\n\n.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. \n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. \n\n\nSolution:\n\nhttps://access.redhat.com/articles/11258\n\n\n\nCVEs:\n\nCVE-2023-44487\n\nReferences:\n\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003\n\n. ==========================================================================\nUbuntu Security Notice USN-6754-1\nApril 25, 2024\n\nnghttp2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.10\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in nghttp2. \n\nSoftware Description:\n- nghttp2: HTTP/2 C Library and tools\n\nDetails:\n\nIt was discovered that nghttp2 incorrectly handled the HTTP/2\nimplementation. A remote attacker could possibly use this issue to cause\nnghttp2 to consume resources, leading to a denial of service. This issue\nonly affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511,\nCVE-2019-9513)\n\nIt was discovered that nghttp2 incorrectly handled request cancellation. A\nremote attacker could possibly use this issue to cause nghttp2 to consume\nresources, leading to a denial of service. This issue only affected Ubuntu\n16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487)\n\nIt was discovered that nghttp2 could be made to process an unlimited number\nof HTTP/2 CONTINUATION frames. A remote attacker could possibly use this\nissue to cause nghttp2 to consume resources, leading to a denial of\nservice. (CVE-2024-28182)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.10:\n libnghttp2-14 1.55.1-1ubuntu0.2\n nghttp2 1.55.1-1ubuntu0.2\n nghttp2-client 1.55.1-1ubuntu0.2\n nghttp2-proxy 1.55.1-1ubuntu0.2\n nghttp2-server 1.55.1-1ubuntu0.2\n\nUbuntu 22.04 LTS:\n libnghttp2-14 1.43.0-1ubuntu0.2\n nghttp2 1.43.0-1ubuntu0.2\n nghttp2-client 1.43.0-1ubuntu0.2\n nghttp2-proxy 1.43.0-1ubuntu0.2\n nghttp2-server 1.43.0-1ubuntu0.2\n\nUbuntu 20.04 LTS:\n libnghttp2-14 1.40.0-1ubuntu0.3\n nghttp2 1.40.0-1ubuntu0.3\n nghttp2-client 1.40.0-1ubuntu0.3\n nghttp2-proxy 1.40.0-1ubuntu0.3\n nghttp2-server 1.40.0-1ubuntu0.3\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n libnghttp2-14 1.30.0-1ubuntu1+esm2\n nghttp2 1.30.0-1ubuntu1+esm2\n nghttp2-client 1.30.0-1ubuntu1+esm2\n nghttp2-proxy 1.30.0-1ubuntu1+esm2\n nghttp2-server 1.30.0-1ubuntu1+esm2\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n libnghttp2-14 1.7.1-1ubuntu0.1~esm2\n nghttp2 1.7.1-1ubuntu0.1~esm2\n nghttp2-client 1.7.1-1ubuntu0.1~esm2\n nghttp2-proxy 1.7.1-1ubuntu0.1~esm2\n nghttp2-server 1.7.1-1ubuntu0.1~esm2\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5558-1 security@debian.org\nhttps://www.debian.org/security/ Markus Koschany\nNovember 18, 2023 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : netty\nCVE ID : CVE-2023-34462 CVE-2023-44487\nDebian Bug : 1038947 1054234\n\nTwo security vulnerabilities have been discovered in Netty, a Java NIO\nclient/server socket framework. \n\nCVE-2023-34462\n\n It might be possible for a remote peer to send a client hello packet during\n a TLS handshake which lead the server to buffer up to 16 MB of data per\n connection. This could lead to a OutOfMemoryError and so result in a denial\n of service. \n This problem is also known as Rapid Reset Attack. \n\nFor the oldstable distribution (bullseye), these problems have been fixed\nin version 1:4.1.48-4+deb11u2. \n\nFor the stable distribution (bookworm), these problems have been fixed in\nversion 1:4.1.48-7+deb12u1. \n\nWe recommend that you upgrade your netty packages. \n\nFor the detailed security status of netty please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/netty\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVY5TZfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeRHiBAAzFhW85Ho37J02wrSDVwhIMTsVjNO9lnA08Pswdohr9K1wxeCJ/hBAx97\nUNIrjTxyOfCJWi1Kj5pITXEHBRu6w1fj/5y9yoMpAKEu+oGQroHbSf4CPmqP2Of0\neamkfbGx2Dh7Ug3qYxe+elcqRtU3gu8I8DYcWJnm2VpWq7/pbNJ+9iqtmMjhkPLH\n1etLI/5HAkwpPimZSrHzcimn39gEVaIbZLc86ZBAoAPghc+iJR1JFHERmkEutWkB\neAnL3kD1mr6F711eZvDfPaRfEUVorW67ZEpPX68MJExuYHNXd268EhQOhf/ZYv8g\nSUSBJuKw4w2OnL4fn8lhqnQgYHUVkcYBtfYii6E9bEVAIPoaT+4gvdSg9zkF6cza\nDa8SXkEY2ysaX+A24iVnCNMpCMSOUOxWsFFvkCcfi8A4HxGGqWzVOsBbDJKjktS1\ng6FyeqWsGh9QG/CPYeMN7LB7lW1l2XzO6GQ9QR1rzU/whgUVxprkye5wx2BaQmom\nrrWVHBijH1cNWd1IbryAm+prduL1l/CNR0785ZPTjB3SsMFPCAtRHf9G976rqVs0\nP3jGg+BdeDj+sd3EFHcHnNXQOaETgR07RWzngbjEkgmJYhB2B43hCQ2LwsNlHsmg\nO6otUI2k274IF9KHh0T1h1hopbUTU8VPy3dpcLloCzk7KiAv1RI=\n=4ExT\n-----END PGP SIGNATURE-----\n. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience", "sources": [ { "db": "NVD", "id": "CVE-2023-44487" }, { "db": "PACKETSTORM", "id": "175239" }, { "db": "PACKETSTORM", "id": "175234" }, { "db": "PACKETSTORM", "id": "175230" }, { "db": "PACKETSTORM", "id": "175126" }, { "db": "PACKETSTORM", "id": "175160" }, { "db": "PACKETSTORM", "id": "178284" }, { "db": "PACKETSTORM", "id": "175875" }, { "db": "PACKETSTORM", "id": "175807" }, { "db": "PACKETSTORM", "id": "175376" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2023-44487", "trust": 1.9 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2023/10/18/8", "trust": 1.0 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2023/10/10/6", "trust": 1.0 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2023/10/19/6", "trust": 1.0 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2023/10/18/4", "trust": 1.0 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2023/10/13/4", "trust": 1.0 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2023/10/13/9", "trust": 1.0 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2023/10/20/8", "trust": 1.0 }, { "db": "PACKETSTORM", "id": "175239", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "175234", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "175230", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "175126", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "175160", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "178284", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "175875", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "175807", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "175376", "trust": 0.1 } ], "sources": [ { "db": "PACKETSTORM", "id": "175239" }, { "db": "PACKETSTORM", "id": "175234" }, { "db": "PACKETSTORM", "id": "175230" }, { "db": "PACKETSTORM", "id": "175126" }, { "db": "PACKETSTORM", "id": "175160" }, { "db": "PACKETSTORM", "id": "178284" }, { "db": "PACKETSTORM", "id": "175875" }, { "db": "PACKETSTORM", "id": "175807" }, { "db": "PACKETSTORM", "id": "175376" }, { "db": "NVD", "id": "CVE-2023-44487" } ] }, "id": "VAR-202310-0175", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.465728264 }, "last_update_date": "2024-07-23T21:36:24.758000Z", "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-400", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2023-44487" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.0, "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4" }, { "trust": 1.0, "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9" }, { "trust": 1.0, "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4" }, { "trust": 1.0, "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8" }, { "trust": 1.0, "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6" }, { "trust": 1.0, "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8" }, { "trust": 1.0, "url": "https://access.redhat.com/security/cve/cve-2023-44487" }, { "trust": 1.0, "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/" }, { "trust": 1.0, "url": "https://aws.amazon.com/security/security-bulletins/aws-2023-011/" }, { "trust": 1.0, "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/" }, { "trust": 1.0, "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/" }, { "trust": 1.0, "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/" }, { "trust": 1.0, "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack" }, { "trust": 1.0, "url": "https://blog.vespa.ai/cve-2023-44487/" }, { "trust": 1.0, "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988" }, { "trust": 1.0, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803" }, { "trust": 1.0, "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123" }, { "trust": 1.0, "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9" }, { "trust": 1.0, "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/" }, { "trust": 1.0, "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack" }, { "trust": 1.0, "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125" }, { "trust": 1.0, "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715" }, { "trust": 1.0, "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve" }, { "trust": 1.0, "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764" }, { "trust": 1.0, "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088" }, { "trust": 1.0, "url": "https://github.com/azure/aks/issues/3947" }, { "trust": 1.0, "url": "https://github.com/kong/kong/discussions/11741" }, { "trust": 1.0, "url": "https://github.com/advisories/ghsa-qppj-fm5r-hxr3" }, { "trust": 1.0, "url": "https://github.com/advisories/ghsa-vx74-f528-fxqg" }, { "trust": 1.0, "url": "https://github.com/advisories/ghsa-xpw8-rcwv-8f8p" }, { "trust": 1.0, "url": "https://github.com/akka/akka-http/issues/4323" }, { "trust": 1.0, "url": "https://github.com/alibaba/tengine/issues/1872" }, { "trust": 1.0, "url": "https://github.com/apache/apisix/issues/10320" }, { "trust": 1.0, "url": "https://github.com/apache/httpd-site/pull/10" }, { "trust": 1.0, "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#l1101-l1113" }, { "trust": 1.0, "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2" }, { "trust": 1.0, "url": "https://github.com/apache/trafficserver/pull/10564" }, { "trust": 1.0, "url": "https://github.com/arkrwn/poc/tree/main/cve-2023-44487" }, { "trust": 1.0, "url": "https://github.com/bcdannyboy/cve-2023-44487" }, { "trust": 1.0, "url": "https://github.com/caddyserver/caddy/issues/5877" }, { "trust": 1.0, "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5" }, { "trust": 1.0, "url": "https://github.com/dotnet/announcements/issues/277" }, { "trust": 1.0, "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#l73" }, { "trust": 1.0, "url": "https://github.com/eclipse/jetty.project/issues/10679" }, { "trust": 1.0, "url": "https://github.com/envoyproxy/envoy/pull/30055" }, { "trust": 1.0, "url": "https://github.com/etcd-io/etcd/issues/16740" }, { "trust": 1.0, "url": "https://github.com/facebook/proxygen/pull/466" }, { "trust": 1.0, "url": "https://github.com/golang/go/issues/63417" }, { "trust": 1.0, "url": "https://github.com/grpc/grpc-go/pull/6703" }, { "trust": 1.0, "url": "https://github.com/h2o/h2o/pull/3291" }, { "trust": 1.0, "url": "https://github.com/h2o/h2o/security/advisories/ghsa-2m7v-gc89-fjqf" }, { "trust": 1.0, "url": "https://github.com/haproxy/haproxy/issues/2312" }, { "trust": 1.0, "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/readme.md?plain=1#l239-l244" }, { "trust": 1.0, "url": "https://github.com/junkurihara/rust-rpxy/issues/97" }, { "trust": 1.0, "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1" }, { "trust": 1.0, "url": "https://github.com/kazu-yamamoto/http2/issues/93" }, { "trust": 1.0, "url": "https://github.com/kubernetes/kubernetes/pull/121120" }, { "trust": 1.0, "url": "https://github.com/line/armeria/pull/5232" }, { "trust": 1.0, "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632" }, { "trust": 1.0, "url": "https://github.com/micrictor/http2-rst-stream" }, { "trust": 1.0, "url": "https://github.com/microsoft/cbl-mariner/pull/6381" }, { "trust": 1.0, "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61" }, { "trust": 1.0, "url": "https://github.com/nghttp2/nghttp2/pull/1961" }, { "trust": 1.0, "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0" }, { "trust": 1.0, "url": "https://github.com/ninenines/cowboy/issues/1615" }, { "trust": 1.0, "url": "https://github.com/nodejs/node/pull/50121" }, { "trust": 1.0, "url": "https://github.com/openresty/openresty/issues/930" }, { "trust": 1.0, "url": "https://github.com/opensearch-project/data-prepper/issues/3474" }, { "trust": 1.0, "url": "https://github.com/oqtane/oqtane.framework/discussions/3367" }, { "trust": 1.0, "url": "https://github.com/projectcontour/contour/pull/5826" }, { "trust": 1.0, "url": "https://github.com/tempesta-tech/tempesta/issues/1986" }, { "trust": 1.0, "url": "https://github.com/varnishcache/varnish-cache/issues/3996" }, { "trust": 1.0, "url": "https://groups.google.com/g/golang-announce/c/innxdtcjzvo" }, { "trust": 1.0, "url": "https://istio.io/latest/news/security/istio-security-2023-004/" }, { "trust": 1.0, "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/" }, { "trust": 1.0, "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q" }, { "trust": 1.0, "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html" }, { "trust": 1.0, "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html" }, { "trust": 1.0, "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html" }, { "trust": 1.0, "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html" }, { "trust": 1.0, "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html" }, { "trust": 1.0, "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html" }, { "trust": 1.0, "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/" }, { "trust": 1.0, "url": "https://lists.w3.org/archives/public/ietf-http-wg/2023octdec/0025.html" }, { "trust": 1.0, "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-october/s36q5hbxr7caimpllprsssyr4pcmwilk.html" }, { "trust": 1.0, "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html" }, { "trust": 1.0, "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/" }, { "trust": 1.0, "url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2023-44487" }, { "trust": 1.0, "url": "https://my.f5.com/manage/s/article/k000137106" }, { "trust": 1.0, "url": "https://netty.io/news/2023/10/10/4-1-100-final.html" }, { "trust": 1.0, "url": "https://news.ycombinator.com/item?id=37830987" }, { "trust": 1.0, "url": "https://news.ycombinator.com/item?id=37830998" }, { "trust": 1.0, "url": "https://news.ycombinator.com/item?id=37831062" }, { "trust": 1.0, "url": "https://news.ycombinator.com/item?id=37837043" }, { "trust": 1.0, "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/" }, { "trust": 1.0, "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected" }, { "trust": 1.0, "url": "https://security.gentoo.org/glsa/202311-09" }, { "trust": 1.0, "url": "https://security.netapp.com/advisory/ntap-20231016-0001/" }, { "trust": 1.0, "url": "https://security.netapp.com/advisory/ntap-20240426-0007/" }, { "trust": 1.0, "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "trust": 1.0, "url": "https://security.netapp.com/advisory/ntap-20240621-0007/" }, { "trust": 1.0, "url": "https://security.paloaltonetworks.com/cve-2023-44487" }, { "trust": 1.0, "url": "https://tomcat.apache.org/security-10.html#fixed_in_apache_tomcat_10.1.14" }, { "trust": 1.0, "url": "https://ubuntu.com/security/cve-2023-44487" }, { "trust": 1.0, "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/" }, { "trust": 1.0, "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487" }, { "trust": 1.0, "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event" }, { "trust": 1.0, "url": "https://www.debian.org/security/2023/dsa-5521" }, { "trust": 1.0, "url": "https://www.debian.org/security/2023/dsa-5522" }, { "trust": 1.0, "url": "https://www.debian.org/security/2023/dsa-5540" }, { "trust": 1.0, "url": "https://www.debian.org/security/2023/dsa-5549" }, { "trust": 1.0, "url": "https://www.debian.org/security/2023/dsa-5558" }, { "trust": 1.0, "url": "https://www.debian.org/security/2023/dsa-5570" }, { "trust": 1.0, "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487" }, { "trust": 1.0, "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/" }, { "trust": 1.0, "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/" }, { "trust": 1.0, "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6" }, { "trust": 1.0, "url": "https://www.phoronix.com/news/http2-rapid-reset-attack" }, { "trust": 1.0, "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-44487" }, { "trust": 0.6, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.5, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.5, "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2023-003" }, { "trust": 0.1, "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5945.json" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.amq.broker\u0026version=7.10.4" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:5945" }, { "trust": 0.1, "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5928.json" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:5928" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=appplatform\u0026version=7.4" }, { "trust": 0.1, "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5922.json" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:5922" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:5766" }, { "trust": 0.1, "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5766.json" }, { "trust": 0.1, "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5710.json" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:5710" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.40.0-1ubuntu0.3" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-6754-1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.43.0-1ubuntu0.2" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.55.1-1ubuntu0.2" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9513" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9511" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2024-28182" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.40.0-1ubuntu0.2" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.55.1-1ubuntu0.1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-6505-1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.52.0-1ubuntu0.1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.43.0-1ubuntu0.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2023-34462" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" }, { "trust": 0.1, "url": "https://security-tracker.debian.org/tracker/netty" }, { "trust": 0.1, "url": "https://www.debian.org/security/" }, { "trust": 0.1, "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6105.json" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2023:6105" } ], "sources": [ { "db": "PACKETSTORM", "id": "175239" }, { "db": "PACKETSTORM", "id": "175234" }, { "db": "PACKETSTORM", "id": "175230" }, { "db": "PACKETSTORM", "id": "175126" }, { "db": "PACKETSTORM", "id": "175160" }, { "db": "PACKETSTORM", "id": "178284" }, { "db": "PACKETSTORM", "id": "175875" }, { "db": "PACKETSTORM", "id": "175807" }, { "db": "PACKETSTORM", "id": "175376" }, { "db": "NVD", "id": "CVE-2023-44487" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "PACKETSTORM", "id": "175239" }, { "db": "PACKETSTORM", "id": "175234" }, { "db": "PACKETSTORM", "id": "175230" }, { "db": "PACKETSTORM", "id": "175126" }, { "db": "PACKETSTORM", "id": "175160" }, { "db": "PACKETSTORM", "id": "178284" }, { "db": "PACKETSTORM", "id": "175875" }, { "db": "PACKETSTORM", "id": "175807" }, { "db": "PACKETSTORM", "id": "175376" }, { "db": "NVD", "id": "CVE-2023-44487" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-10-20T14:34:30", "db": "PACKETSTORM", "id": "175239" }, { "date": "2023-10-20T14:33:16", "db": "PACKETSTORM", "id": "175234" }, { "date": "2023-10-20T14:32:33", "db": "PACKETSTORM", "id": "175230" }, { "date": "2023-10-17T15:39:55", "db": "PACKETSTORM", "id": "175126" }, { "date": "2023-10-18T16:23:08", "db": "PACKETSTORM", "id": "175160" }, { "date": "2024-04-26T15:13:40", "db": "PACKETSTORM", "id": "178284" }, { "date": "2023-11-22T16:28:02", "db": "PACKETSTORM", "id": "175875" }, { "date": "2023-11-20T16:25:51", "db": "PACKETSTORM", "id": "175807" }, { "date": "2023-10-27T12:55:12", "db": "PACKETSTORM", "id": "175376" }, { "date": "2023-10-10T14:15:10.883000", "db": "NVD", "id": "CVE-2023-44487" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2024-06-27T18:34:22.110000", "db": "NVD", "id": "CVE-2023-44487" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "178284" }, { "db": "PACKETSTORM", "id": "175875" } ], "trust": 0.2 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat Security Advisory 2023-5945-01", "sources": [ { "db": "PACKETSTORM", "id": "175239" } ], "trust": 0.1 } }