Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    189 vulnerabilities by linecorp

    CVE-2026-3861 (GCVE-0-2026-3861)

    Vulnerability from nvd – Published: 2026-04-16 05:54 – Updated: 2026-05-22 05:00
    VLAI
    Summary
    LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LY Corporation LINE client for iOS Unaffected: 26.3.0 , < * (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3861",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-16T12:16:15.191045Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-16T12:31:11.953Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "LINE client for iOS",
              "vendor": "LY Corporation",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "cvssV4_0": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-400",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-22T05:00:53.312Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/3422905"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2026-3861",
        "datePublished": "2026-04-16T05:54:05.194Z",
        "dateReserved": "2026-03-10T05:02:39.735Z",
        "dateUpdated": "2026-05-22T05:00:53.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14023 (GCVE-0-2025-14023)

    Vulnerability from nvd – Published: 2025-12-15 06:45 – Updated: 2026-01-07 15:10
    VLAI
    Summary
    LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for iOS Affected: 14.0.0 , < 15.19 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14023",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T18:23:07.942451Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-07T15:10:15.432Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "permissions-required"
                ],
                "url": "https://hackerone.com/reports/3260386"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for iOS",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "15.19",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser\u0027s user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 3.1,
                "environmentalSeverity": "LOW",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "HIGH",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "NONE",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 3.1,
                "temporalSeverity": "LOW",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:45:23.025Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/3260386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14023",
        "datePublished": "2025-12-15T06:45:23.025Z",
        "dateReserved": "2025-12-04T11:45:06.869Z",
        "dateUpdated": "2026-01-07T15:10:15.432Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14022 (GCVE-0-2025-14022)

    Vulnerability from nvd – Published: 2025-12-15 06:43 – Updated: 2026-01-07 15:07
    VLAI
    Summary
    LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of network traffic, which could allow a network-adjacent attacker to intercept or modify encrypted communications.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-295 - Improper Certificate Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for iOS Affected: 15.3 , < 15.4 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14022",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T18:37:27.672507Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-295",
                    "description": "CWE-295 Improper Certificate Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-07T15:07:56.850Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for iOS",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "15.4",
                  "status": "affected",
                  "version": "15.3",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application\u0027s network processing, causing server certificate verification to be disabled for a significant portion of network traffic, which could allow a network-adjacent attacker to intercept or modify encrypted communications."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.7,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "HIGH",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "LOW",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.7,
                "temporalSeverity": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:43:47.276Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/2853445"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14022",
        "datePublished": "2025-12-15T06:43:47.276Z",
        "dateReserved": "2025-12-04T11:45:01.936Z",
        "dateUpdated": "2026-01-07T15:07:56.850Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14021 (GCVE-0-2025-14021)

    Vulnerability from nvd – Published: 2025-12-15 06:41 – Updated: 2025-12-15 15:49
    VLAI
    Summary
    The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to execute malicious JavaScript within iframes while displaying trusted URLs, enabling phishing attacks through overlaid malicious content.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for iOS Affected: 14.13 , < 14.14 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14021",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T15:48:45.634591Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-15T15:49:07.716Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for iOS",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "14.14",
                  "status": "affected",
                  "version": "14.13",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to execute malicious JavaScript within iframes while displaying trusted URLs, enabling phishing attacks through overlaid malicious content."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 4.3,
                "environmentalSeverity": "MEDIUM",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "NONE",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 4.3,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:45:46.378Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/2548498"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14021",
        "datePublished": "2025-12-15T06:41:37.992Z",
        "dateReserved": "2025-12-04T11:44:56.068Z",
        "dateUpdated": "2025-12-15T15:49:07.716Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14020 (GCVE-0-2025-14020)

    Vulnerability from nvd – Published: 2025-12-15 06:39 – Updated: 2025-12-15 15:52
    VLAI
    Summary
    LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct phishing attacks by impersonating legitimate interfaces.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for Android Affected: 10.0 , < 14.20 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14020",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T15:52:00.170038Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-15T15:52:04.173Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for Android",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "14.20",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct phishing attacks by impersonating legitimate interfaces."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 5.4,
                "environmentalSeverity": "MEDIUM",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "LOW",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 5.4,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:39:51.980Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/2547989"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14020",
        "datePublished": "2025-12-15T06:39:51.980Z",
        "dateReserved": "2025-12-04T11:44:51.875Z",
        "dateUpdated": "2025-12-15T15:52:04.173Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14019 (GCVE-0-2025-14019)

    Vulnerability from nvd – Published: 2025-12-15 06:38 – Updated: 2025-12-15 15:53
    VLAI
    Summary
    LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for Android Affected: 13.8 , < 15.6 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14019",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T15:53:26.382497Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-15T15:53:29.670Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for Android",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "15.6",
                  "status": "affected",
                  "version": "13.8",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 3.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 3.4,
                "environmentalSeverity": "LOW",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "HIGH",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "NONE",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "CHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "CHANGED",
                "temporalScore": 3.4,
                "temporalSeverity": "LOW",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:38:05.914Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/3062270"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14019",
        "datePublished": "2025-12-15T06:38:05.914Z",
        "dateReserved": "2025-12-04T11:44:41.504Z",
        "dateUpdated": "2025-12-15T15:53:29.670Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-11222 (GCVE-0-2025-11222)

    Vulnerability from nvd – Published: 2025-12-04 12:18 – Updated: 2025-12-04 14:41
    VLAI
    Summary
    Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
    Assigner
    Impacted products
    Vendor Product Version
    LINE Corporation Central Dogma Affected: 0.77 , < 0.78.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-11222",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-04T14:41:10.607528Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-601",
                    "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-04T14:41:14.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Central Dogma",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "0.78.0",
                  "status": "affected",
                  "version": "0.77",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 6.1,
                "environmentalSeverity": "MEDIUM",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "LOW",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "CHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "CHANGED",
                "temporalScore": 6.1,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-04T12:18:14.206Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://github.com/line/centraldogma/security/advisories/GHSA-4hr2-xf7w-jf76"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-11222",
        "datePublished": "2025-12-04T12:18:14.206Z",
        "dateReserved": "2025-10-01T01:03:38.026Z",
        "dateUpdated": "2025-12-04T14:41:14.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-5739 (GCVE-0-2024-5739)

    Vulnerability from nvd – Published: 2024-06-12 07:00 – Updated: 2025-03-28 23:50
    VLAI
    Summary
    The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS (UXSS) vulnerability. This vulnerability allows for cross-site scripting (XSS) where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app browser. The in-app browser is usually opened by tapping on URLs contained in chat messages, and for the attack to be successful, the victim must trigger a click event on a malicious iframe. If an iframe embedded in any website can be controlled by an attacker, this vulnerability could be exploited to capture or alter content displayed in the top frame, as well as user session information. This vulnerability affects LINE client for iOS versions below 14.9.0 and does not affect other LINE clients such as LINE client for Android. Please update LINE client for iOS to version 14.9.0 or higher.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for iOS Affected: 14.0.0 , < 14.9.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5739",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-12T19:19:41.096728Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-28T23:50:07.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:18:07.121Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/2284129"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for iOS",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "14.9.0",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS (UXSS) vulnerability. This vulnerability allows for cross-site scripting (XSS) where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app browser. The in-app browser is usually opened by tapping on URLs contained in chat messages, and for the attack to be successful, the victim must trigger a click event on a malicious iframe. If an iframe embedded in any website can be controlled by an attacker, this vulnerability could be exploited to capture or alter content displayed in the top frame, as well as user session information. This vulnerability affects LINE client for iOS versions below 14.9.0 and does not affect other LINE clients such as LINE client for Android. Please update LINE client for iOS to version 14.9.0 or higher."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 6.1,
                "environmentalSeverity": "MEDIUM",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "LOW",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "CHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "CHANGED",
                "temporalScore": 6.1,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-20T10:37:22.506Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/2284129"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2024-5739",
        "datePublished": "2024-06-12T07:00:35.232Z",
        "dateReserved": "2024-06-07T07:08:09.783Z",
        "dateUpdated": "2025-03-28T23:50:07.942Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-1735 (GCVE-0-2024-1735)

    Vulnerability from nvd – Published: 2024-02-26 07:25 – Updated: 2025-08-26 20:01
    VLAI
    Summary
    A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    LINE Corporation Armeria Affected: 0.69.0 , < 1.27.2 (semver)
    Create a notification for this product.
    linecorp armeria Affected: 0.69.0 , < 1.27.2 (custom)
        cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:48:21.949Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/line/armeria/security/advisories/GHSA-4m6j-23p2-8c54"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "armeria",
                "vendor": "linecorp",
                "versions": [
                  {
                    "lessThan": "1.27.2",
                    "status": "affected",
                    "version": "0.69.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1735",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-04T21:31:51.106962Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-287",
                    "description": "CWE-287 Improper Authentication",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-26T20:01:39.603Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Armeria",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "1.27.2",
                  "status": "affected",
                  "version": "0.69.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-12T07:57:43.872Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://github.com/line/armeria/security/advisories/GHSA-4m6j-23p2-8c54"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2024-1735",
        "datePublished": "2024-02-26T07:25:42.406Z",
        "dateReserved": "2024-02-22T05:17:44.461Z",
        "dateUpdated": "2025-08-26T20:01:39.603Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-1143 (GCVE-0-2024-1143)

    Vulnerability from nvd – Published: 2024-02-02 06:01 – Updated: 2025-06-03 18:49
    VLAI
    Summary
    Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    LINE Corporation Central Dogma Affected: 0.63.3 , < 0.64.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1143",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-02T19:51:13.437915Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T18:49:03.700Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:26:30.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/line/centraldogma/security/advisories/GHSA-34q3-p352-c7q8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Central Dogma",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "0.64.1",
                  "status": "affected",
                  "version": "0.63.3",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T06:59:56.850Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LINE"
          },
          "references": [
            {
              "url": "https://github.com/line/centraldogma/security/advisories/GHSA-34q3-p352-c7q8"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LINE",
        "cveId": "CVE-2024-1143",
        "datePublished": "2024-02-02T06:01:39.341Z",
        "dateReserved": "2024-02-01T04:33:49.542Z",
        "dateUpdated": "2025-06-03T18:49:03.700Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48129 (GCVE-0-2023-48129)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2025-06-20 19:39
    VLAI
    Summary
    An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:39.023Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/syz913/CVE-reports/blob/main/kimono-oldnew.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-48129",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-31T17:41:10.351334Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-20T19:39:02.754Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T07:12:00.649Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/syz913/CVE-reports/blob/main/kimono-oldnew.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-48129",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2023-11-13T00:00:00.000Z",
        "dateUpdated": "2025-06-20T19:39:02.754Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48135 (GCVE-0-2023-48135)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2025-06-17 15:22
    VLAI
    Summary
    An issue in mimasaka_farm mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:39.084Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/syz913/CVE-reports/blob/main/mimasaka_farm.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-48135",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-31T20:31:14.230576Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T15:22:52.066Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in mimasaka_farm mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T06:25:48.943Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/syz913/CVE-reports/blob/main/mimasaka_farm.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-48135",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2023-11-13T00:00:00.000Z",
        "dateUpdated": "2025-06-17T15:22:52.066Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48133 (GCVE-0-2023-48133)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2025-06-16 18:19
    VLAI
    Summary
    An issue in angel coffee mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:39.011Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/syz913/CVE-reports/blob/main/angel%20coffee.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-48133",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-16T18:18:32.036126Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-16T18:19:18.573Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in angel coffee mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T06:56:25.809Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/syz913/CVE-reports/blob/main/angel%20coffee.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-48133",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2023-11-13T00:00:00.000Z",
        "dateUpdated": "2025-06-16T18:19:18.573Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48132 (GCVE-0-2023-48132)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2025-06-20 19:39
    VLAI
    Summary
    An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:38.967Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/syz913/CVE-reports/blob/main/esportsstudioLegends.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-48132",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-28T01:15:26.140422Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-20T19:39:44.038Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T06:50:04.345Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/syz913/CVE-reports/blob/main/esportsstudioLegends.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-48132",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2023-11-13T00:00:00.000Z",
        "dateUpdated": "2025-06-20T19:39:44.038Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48131 (GCVE-0-2023-48131)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2025-06-17 15:20
    VLAI
    Summary
    An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:38.962Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/syz913/CVE-reports/blob/main/CHIGASAKI%20BAKERY.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-48131",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-29T18:57:38.109482Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T15:20:50.714Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T06:42:05.223Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/syz913/CVE-reports/blob/main/CHIGASAKI%20BAKERY.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-48131",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2023-11-13T00:00:00.000Z",
        "dateUpdated": "2025-06-17T15:20:50.714Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48130 (GCVE-0-2023-48130)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2024-09-04 19:24
    VLAI
    Summary
    An issue in GINZA CAFE mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    linecorp line Affected: 13.6.1
        cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:39.195Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/syz913/CVE-reports/blob/main/GINZA%20CAFE.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "line",
                "vendor": "linecorp",
                "versions": [
                  {
                    "status": "affected",
                    "version": "13.6.1"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-48130",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-27T14:39:14.912174Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-200",
                    "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-04T19:24:59.803Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in GINZA CAFE mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T07:04:47.064Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/syz913/CVE-reports/blob/main/GINZA%20CAFE.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-48130",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2023-11-13T00:00:00.000Z",
        "dateUpdated": "2024-09-04T19:24:59.803Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48128 (GCVE-0-2023-48128)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2025-05-29 15:18
    VLAI
    Summary
    An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:38.734Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/syz913/CVE-reports/blob/main/UNITED%20BOXING%20GYM.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-48128",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-09T23:37:27.335088Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-29T15:18:00.554Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T07:02:12.168Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/syz913/CVE-reports/blob/main/UNITED%20BOXING%20GYM.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-48128",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2023-11-13T00:00:00.000Z",
        "dateUpdated": "2025-05-29T15:18:00.554Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48127 (GCVE-0-2023-48127)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2025-06-11 16:57
    VLAI
    Summary
    An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:39.062Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/syz913/CVE-reports/blob/main/myGAKUYA.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-48127",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-27T15:20:08.759951Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-11T16:57:22.164Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T06:30:13.648Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/syz913/CVE-reports/blob/main/myGAKUYA.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-48127",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2023-11-13T00:00:00.000Z",
        "dateUpdated": "2025-06-11T16:57:22.164Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48126 (GCVE-0-2023-48126)

    Vulnerability from nvd – Published: 2024-01-26 00:00 – Updated: 2025-05-29 15:18
    VLAI
    Summary
    An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:38.671Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/syz913/CVE-reports/blob/main/Luxe%20Beauty%20Clinic.md"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "LOW",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-48126",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-08T17:24:12.042609Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-29T15:18:11.174Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-26T07:06:48.220Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/syz913/CVE-reports/blob/main/Luxe%20Beauty%20Clinic.md"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-48126",
        "datePublished": "2024-01-26T00:00:00.000Z",
        "dateReserved": "2023-11-13T00:00:00.000Z",
        "dateUpdated": "2025-05-29T15:18:11.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-3861 (GCVE-0-2026-3861)

    Vulnerability from cvelistv5 – Published: 2026-04-16 05:54 – Updated: 2026-05-22 05:00
    VLAI
    Summary
    LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LY Corporation LINE client for iOS Unaffected: 26.3.0 , < * (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-3861",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-16T12:16:15.191045Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-16T12:31:11.953Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "LINE client for iOS",
              "vendor": "LY Corporation",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "26.3.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "cvssV4_0": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
                "version": "4.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-400",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-22T05:00:53.312Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/3422905"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2026-3861",
        "datePublished": "2026-04-16T05:54:05.194Z",
        "dateReserved": "2026-03-10T05:02:39.735Z",
        "dateUpdated": "2026-05-22T05:00:53.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14023 (GCVE-0-2025-14023)

    Vulnerability from cvelistv5 – Published: 2025-12-15 06:45 – Updated: 2026-01-07 15:10
    VLAI
    Summary
    LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for iOS Affected: 14.0.0 , < 15.19 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14023",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T18:23:07.942451Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-07T15:10:15.432Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "permissions-required"
                ],
                "url": "https://hackerone.com/reports/3260386"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for iOS",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "15.19",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser\u0027s user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 3.1,
                "environmentalSeverity": "LOW",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "HIGH",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "NONE",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 3.1,
                "temporalSeverity": "LOW",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:45:23.025Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/3260386"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14023",
        "datePublished": "2025-12-15T06:45:23.025Z",
        "dateReserved": "2025-12-04T11:45:06.869Z",
        "dateUpdated": "2026-01-07T15:10:15.432Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14022 (GCVE-0-2025-14022)

    Vulnerability from cvelistv5 – Published: 2025-12-15 06:43 – Updated: 2026-01-07 15:07
    VLAI
    Summary
    LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application's network processing, causing server certificate verification to be disabled for a significant portion of network traffic, which could allow a network-adjacent attacker to intercept or modify encrypted communications.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-295 - Improper Certificate Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for iOS Affected: 15.3 , < 15.4 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14022",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T18:37:27.672507Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-295",
                    "description": "CWE-295 Improper Certificate Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-07T15:07:56.850Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for iOS",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "15.4",
                  "status": "affected",
                  "version": "15.3",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated financial SDK. The SDK interfered with the application\u0027s network processing, causing server certificate verification to be disabled for a significant portion of network traffic, which could allow a network-adjacent attacker to intercept or modify encrypted communications."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 7.7,
                "environmentalSeverity": "HIGH",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "HIGH",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "HIGH",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "LOW",
                "modifiedConfidentialityImpact": "HIGH",
                "modifiedIntegrityImpact": "HIGH",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 7.7,
                "temporalSeverity": "HIGH",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:43:47.276Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/2853445"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14022",
        "datePublished": "2025-12-15T06:43:47.276Z",
        "dateReserved": "2025-12-04T11:45:01.936Z",
        "dateUpdated": "2026-01-07T15:07:56.850Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14021 (GCVE-0-2025-14021)

    Vulnerability from cvelistv5 – Published: 2025-12-15 06:41 – Updated: 2025-12-15 15:49
    VLAI
    Summary
    The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to execute malicious JavaScript within iframes while displaying trusted URLs, enabling phishing attacks through overlaid malicious content.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for iOS Affected: 14.13 , < 14.14 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14021",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T15:48:45.634591Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-15T15:49:07.716Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for iOS",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "14.14",
                  "status": "affected",
                  "version": "14.13",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to execute malicious JavaScript within iframes while displaying trusted URLs, enabling phishing attacks through overlaid malicious content."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 4.3,
                "environmentalSeverity": "MEDIUM",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "NONE",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 4.3,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:45:46.378Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/2548498"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14021",
        "datePublished": "2025-12-15T06:41:37.992Z",
        "dateReserved": "2025-12-04T11:44:56.068Z",
        "dateUpdated": "2025-12-15T15:49:07.716Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14020 (GCVE-0-2025-14020)

    Vulnerability from cvelistv5 – Published: 2025-12-15 06:39 – Updated: 2025-12-15 15:52
    VLAI
    Summary
    LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct phishing attacks by impersonating legitimate interfaces.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for Android Affected: 10.0 , < 14.20 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14020",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T15:52:00.170038Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-15T15:52:04.173Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for Android",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "14.20",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct phishing attacks by impersonating legitimate interfaces."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 5.4,
                "environmentalSeverity": "MEDIUM",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "LOW",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "UNCHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "UNCHANGED",
                "temporalScore": 5.4,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:39:51.980Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/2547989"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14020",
        "datePublished": "2025-12-15T06:39:51.980Z",
        "dateReserved": "2025-12-04T11:44:51.875Z",
        "dateUpdated": "2025-12-15T15:52:04.173Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14019 (GCVE-0-2025-14019)

    Vulnerability from cvelistv5 – Published: 2025-12-15 06:38 – Updated: 2025-12-15 15:53
    VLAI
    Summary
    LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-451 - User Interface (UI) Misrepresentation of Critical Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for Android Affected: 13.8 , < 15.6 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14019",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-15T15:53:26.382497Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-451",
                    "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-15T15:53:29.670Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for Android",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "15.6",
                  "status": "affected",
                  "version": "13.8",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 3.4,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 3.4,
                "environmentalSeverity": "LOW",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "HIGH",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "NONE",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "CHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "CHANGED",
                "temporalScore": 3.4,
                "temporalSeverity": "LOW",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-15T06:38:05.914Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/3062270"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-14019",
        "datePublished": "2025-12-15T06:38:05.914Z",
        "dateReserved": "2025-12-04T11:44:41.504Z",
        "dateUpdated": "2025-12-15T15:53:29.670Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-11222 (GCVE-0-2025-11222)

    Vulnerability from cvelistv5 – Published: 2025-12-04 12:18 – Updated: 2025-12-04 14:41
    VLAI
    Summary
    Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
    Assigner
    Impacted products
    Vendor Product Version
    LINE Corporation Central Dogma Affected: 0.77 , < 0.78.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-11222",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-04T14:41:10.607528Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-601",
                    "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-04T14:41:14.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Central Dogma",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "0.78.0",
                  "status": "affected",
                  "version": "0.77",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 6.1,
                "environmentalSeverity": "MEDIUM",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "LOW",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "CHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "CHANGED",
                "temporalScore": 6.1,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-04T12:18:14.206Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://github.com/line/centraldogma/security/advisories/GHSA-4hr2-xf7w-jf76"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2025-11222",
        "datePublished": "2025-12-04T12:18:14.206Z",
        "dateReserved": "2025-10-01T01:03:38.026Z",
        "dateUpdated": "2025-12-04T14:41:14.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-5739 (GCVE-0-2024-5739)

    Vulnerability from cvelistv5 – Published: 2024-06-12 07:00 – Updated: 2025-03-28 23:50
    VLAI
    Summary
    The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS (UXSS) vulnerability. This vulnerability allows for cross-site scripting (XSS) where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app browser. The in-app browser is usually opened by tapping on URLs contained in chat messages, and for the attack to be successful, the victim must trigger a click event on a malicious iframe. If an iframe embedded in any website can be controlled by an attacker, this vulnerability could be exploited to capture or alter content displayed in the top frame, as well as user session information. This vulnerability affects LINE client for iOS versions below 14.9.0 and does not affect other LINE clients such as LINE client for Android. Please update LINE client for iOS to version 14.9.0 or higher.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    LINE Corporation LINE client for iOS Affected: 14.0.0 , < 14.9.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5739",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-12T19:19:41.096728Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-28T23:50:07.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:18:07.121Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/2284129"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "LINE client for iOS",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "14.9.0",
                  "status": "affected",
                  "version": "14.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS (UXSS) vulnerability. This vulnerability allows for cross-site scripting (XSS) where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app browser. The in-app browser is usually opened by tapping on URLs contained in chat messages, and for the attack to be successful, the victim must trigger a click event on a malicious iframe. If an iframe embedded in any website can be controlled by an attacker, this vulnerability could be exploited to capture or alter content displayed in the top frame, as well as user session information. This vulnerability affects LINE client for iOS versions below 14.9.0 and does not affect other LINE clients such as LINE client for Android. Please update LINE client for iOS to version 14.9.0 or higher."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "availabilityRequirement": "NOT_DEFINED",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "confidentialityRequirement": "NOT_DEFINED",
                "environmentalScore": 6.1,
                "environmentalSeverity": "MEDIUM",
                "exploitCodeMaturity": "NOT_DEFINED",
                "integrityImpact": "LOW",
                "integrityRequirement": "NOT_DEFINED",
                "modifiedAttackComplexity": "LOW",
                "modifiedAttackVector": "NETWORK",
                "modifiedAvailabilityImpact": "NONE",
                "modifiedConfidentialityImpact": "LOW",
                "modifiedIntegrityImpact": "LOW",
                "modifiedPrivilegesRequired": "NONE",
                "modifiedScope": "CHANGED",
                "modifiedUserInteraction": "REQUIRED",
                "privilegesRequired": "NONE",
                "remediationLevel": "NOT_DEFINED",
                "reportConfidence": "NOT_DEFINED",
                "scope": "CHANGED",
                "temporalScore": 6.1,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-20T10:37:22.506Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://hackerone.com/reports/2284129"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2024-5739",
        "datePublished": "2024-06-12T07:00:35.232Z",
        "dateReserved": "2024-06-07T07:08:09.783Z",
        "dateUpdated": "2025-03-28T23:50:07.942Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-1735 (GCVE-0-2024-1735)

    Vulnerability from cvelistv5 – Published: 2024-02-26 07:25 – Updated: 2025-08-26 20:01
    VLAI
    Summary
    A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-287 - Improper Authentication
    Assigner
    Impacted products
    Vendor Product Version
    LINE Corporation Armeria Affected: 0.69.0 , < 1.27.2 (semver)
    Create a notification for this product.
    linecorp armeria Affected: 0.69.0 , < 1.27.2 (custom)
        cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:48:21.949Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/line/armeria/security/advisories/GHSA-4m6j-23p2-8c54"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "armeria",
                "vendor": "linecorp",
                "versions": [
                  {
                    "lessThan": "1.27.2",
                    "status": "affected",
                    "version": "0.69.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1735",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-04T21:31:51.106962Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-287",
                    "description": "CWE-287 Improper Authentication",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-26T20:01:39.603Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Armeria",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "1.27.2",
                  "status": "affected",
                  "version": "0.69.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-12T07:57:43.872Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LY-Corporation"
          },
          "references": [
            {
              "url": "https://github.com/line/armeria/security/advisories/GHSA-4m6j-23p2-8c54"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LY-Corporation",
        "cveId": "CVE-2024-1735",
        "datePublished": "2024-02-26T07:25:42.406Z",
        "dateReserved": "2024-02-22T05:17:44.461Z",
        "dateUpdated": "2025-08-26T20:01:39.603Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-1143 (GCVE-0-2024-1143)

    Vulnerability from cvelistv5 – Published: 2024-02-02 06:01 – Updated: 2025-06-03 18:49
    VLAI
    Summary
    Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • na
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    LINE Corporation Central Dogma Affected: 0.63.3 , < 0.64.1 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-1143",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-02T19:51:13.437915Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-03T18:49:03.700Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T18:26:30.469Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/line/centraldogma/security/advisories/GHSA-34q3-p352-c7q8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Central Dogma",
              "vendor": "LINE Corporation",
              "versions": [
                {
                  "lessThan": "0.64.1",
                  "status": "affected",
                  "version": "0.63.3",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "na",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-06T06:59:56.850Z",
            "orgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
            "shortName": "LINE"
          },
          "references": [
            {
              "url": "https://github.com/line/centraldogma/security/advisories/GHSA-34q3-p352-c7q8"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "657f3255-0560-4aed-82e4-7f579ec6acfb",
        "assignerShortName": "LINE",
        "cveId": "CVE-2024-1143",
        "datePublished": "2024-02-02T06:01:39.341Z",
        "dateReserved": "2024-02-01T04:33:49.542Z",
        "dateUpdated": "2025-06-03T18:49:03.700Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    VAR-202310-0175

    Vulnerability from variot - Updated: 2024-07-23 21:36

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

    Description:

    AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to in the References section.

    Description:

    Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

    Description:

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.

    Description:

    nghttp2 contains the Hypertext Transfer Protocol version 2 (HTTP/2) client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C.

    The following data is constructed from data provided by Red Hat's json file at:

    https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5710.json

    Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

    • Packet Storm Staff

    ==================================================================== Red Hat Security Advisory

    Synopsis: Important: dotnet6.0 security update Advisory ID: RHSA-2023:5710-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:5710 Issue date: 2023-10-16 Revision: 01 CVE Names: CVE-2023-44487 ====================================================================

    Summary:

    An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    Description:

    .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

    New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23.

    Security Fix(es):

    • HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Solution:

    https://access.redhat.com/articles/11258

    CVEs:

    CVE-2023-44487

    References:

    https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2023-003

    . ========================================================================== Ubuntu Security Notice USN-6754-1 April 25, 2024

    nghttp2 vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 23.10
    • Ubuntu 22.04 LTS
    • Ubuntu 20.04 LTS
    • Ubuntu 18.04 LTS (Available with Ubuntu Pro)
    • Ubuntu 16.04 LTS (Available with Ubuntu Pro)

    Summary:

    Several security issues were fixed in nghttp2.

    Software Description: - nghttp2: HTTP/2 C Library and tools

    Details:

    It was discovered that nghttp2 incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511, CVE-2019-9513)

    It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487)

    It was discovered that nghttp2 could be made to process an unlimited number of HTTP/2 CONTINUATION frames. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service. (CVE-2024-28182)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 23.10: libnghttp2-14 1.55.1-1ubuntu0.2 nghttp2 1.55.1-1ubuntu0.2 nghttp2-client 1.55.1-1ubuntu0.2 nghttp2-proxy 1.55.1-1ubuntu0.2 nghttp2-server 1.55.1-1ubuntu0.2

    Ubuntu 22.04 LTS: libnghttp2-14 1.43.0-1ubuntu0.2 nghttp2 1.43.0-1ubuntu0.2 nghttp2-client 1.43.0-1ubuntu0.2 nghttp2-proxy 1.43.0-1ubuntu0.2 nghttp2-server 1.43.0-1ubuntu0.2

    Ubuntu 20.04 LTS: libnghttp2-14 1.40.0-1ubuntu0.3 nghttp2 1.40.0-1ubuntu0.3 nghttp2-client 1.40.0-1ubuntu0.3 nghttp2-proxy 1.40.0-1ubuntu0.3 nghttp2-server 1.40.0-1ubuntu0.3

    Ubuntu 18.04 LTS (Available with Ubuntu Pro): libnghttp2-14 1.30.0-1ubuntu1+esm2 nghttp2 1.30.0-1ubuntu1+esm2 nghttp2-client 1.30.0-1ubuntu1+esm2 nghttp2-proxy 1.30.0-1ubuntu1+esm2 nghttp2-server 1.30.0-1ubuntu1+esm2

    Ubuntu 16.04 LTS (Available with Ubuntu Pro): libnghttp2-14 1.7.1-1ubuntu0.1~esm2 nghttp2 1.7.1-1ubuntu0.1~esm2 nghttp2-client 1.7.1-1ubuntu0.1~esm2 nghttp2-proxy 1.7.1-1ubuntu0.1~esm2 nghttp2-server 1.7.1-1ubuntu0.1~esm2

    In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512


    Debian Security Advisory DSA-5558-1 security@debian.org https://www.debian.org/security/ Markus Koschany November 18, 2023 https://www.debian.org/security/faq


    Package : netty CVE ID : CVE-2023-34462 CVE-2023-44487 Debian Bug : 1038947 1054234

    Two security vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework.

    CVE-2023-34462

    It might be possible for a remote peer to send a client hello packet during
    a TLS handshake which lead the server to buffer up to 16 MB of data per
    connection. This could lead to a OutOfMemoryError and so result in a denial
    of service. 
    This problem is also known as Rapid Reset Attack.
    

    For the oldstable distribution (bullseye), these problems have been fixed in version 1:4.1.48-4+deb11u2.

    For the stable distribution (bookworm), these problems have been fixed in version 1:4.1.48-7+deb12u1.

    We recommend that you upgrade your netty packages.

    For the detailed security status of netty please refer to its security tracker page at: https://security-tracker.debian.org/tracker/netty

    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVY5TZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRHiBAAzFhW85Ho37J02wrSDVwhIMTsVjNO9lnA08Pswdohr9K1wxeCJ/hBAx97 UNIrjTxyOfCJWi1Kj5pITXEHBRu6w1fj/5y9yoMpAKEu+oGQroHbSf4CPmqP2Of0 eamkfbGx2Dh7Ug3qYxe+elcqRtU3gu8I8DYcWJnm2VpWq7/pbNJ+9iqtmMjhkPLH 1etLI/5HAkwpPimZSrHzcimn39gEVaIbZLc86ZBAoAPghc+iJR1JFHERmkEutWkB eAnL3kD1mr6F711eZvDfPaRfEUVorW67ZEpPX68MJExuYHNXd268EhQOhf/ZYv8g SUSBJuKw4w2OnL4fn8lhqnQgYHUVkcYBtfYii6E9bEVAIPoaT+4gvdSg9zkF6cza Da8SXkEY2ysaX+A24iVnCNMpCMSOUOxWsFFvkCcfi8A4HxGGqWzVOsBbDJKjktS1 g6FyeqWsGh9QG/CPYeMN7LB7lW1l2XzO6GQ9QR1rzU/whgUVxprkye5wx2BaQmom rrWVHBijH1cNWd1IbryAm+prduL1l/CNR0785ZPTjB3SsMFPCAtRHf9G976rqVs0 P3jGg+BdeDj+sd3EFHcHnNXQOaETgR07RWzngbjEkgmJYhB2B43hCQ2LwsNlHsmg O6otUI2k274IF9KHh0T1h1hopbUTU8VPy3dpcLloCzk7KiAv1RI= =4ExT -----END PGP SIGNATURE----- . This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202310-0175",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "node maintenance operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip ssl orchestrator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "jboss core services",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "go",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "golang",
            "version": "1.21.0"
          },
          {
            "model": "istio",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.19.1"
          },
          {
            "model": "big-ip advanced web application firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "crosswork zero touch provisioning",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.0.0"
          },
          {
            "model": "big-ip policy enforcement manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "integration camel for spring boot",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "windows 10 1809",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.17763.4974"
          },
          {
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "big-ip ddos hybrid defender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "big-ip carrier-grade nat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "advanced cluster security",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "expressway",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "x14.3.3"
          },
          {
            "model": "ultra cloud core - policy control function",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2024.01.0"
          },
          {
            "model": "traffic server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.0.0"
          },
          {
            "model": "big-ip policy enforcement manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "visual studio 2022",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.6"
          },
          {
            "model": "big-ip domain name system",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "11.0"
          },
          {
            "model": "big-ip application visibility and reporting",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "openshift container platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "big-ip advanced firewall manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "big-ip advanced firewall manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "satellite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "model": "big-ip policy enforcement manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "crosswork data gateway",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.3"
          },
          {
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "nx-os",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.2\\(7\\)"
          },
          {
            "model": "nginx plus",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "r25"
          },
          {
            "model": "big-ip advanced web application firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "big-ip websafe",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "service interconnect",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "1.0"
          },
          {
            "model": "fog director",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.22"
          },
          {
            "model": "unified contact center domain manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip advanced web application firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "asp.net core",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "7.0.12"
          },
          {
            "model": "migration toolkit for applications",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "model": "big-ip carrier-grade nat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "big-ip ddos hybrid defender",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "crosswork data gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.0"
          },
          {
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "go",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "golang",
            "version": "1.20.10"
          },
          {
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": ".net",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "6.0.23"
          },
          {
            "model": "ultra cloud core - policy control function",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2024.01.0"
          },
          {
            "model": "big-ip domain name system",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "enterprise chat and email",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "tomcat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "8.5.93"
          },
          {
            "model": "proxygen",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "facebook",
            "version": "2023.10.16.00"
          },
          {
            "model": "big-ip application acceleration manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "process automation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "big-ip application acceleration manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "build of optaplanner",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.0"
          },
          {
            "model": "jenkins",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "jenkins",
            "version": "2.427"
          },
          {
            "model": "visual studio 2022",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.7.5"
          },
          {
            "model": "telepresence video communication server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "x14.3.3"
          },
          {
            "model": "big-ip analytics",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "big-ip fraud protection service",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "big-ip ssl orchestrator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip policy enforcement manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "big-ip application visibility and reporting",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "nginx plus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "r30"
          },
          {
            "model": "big-ip application visibility and reporting",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "node.js",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "20.8.1"
          },
          {
            "model": "big-ip carrier-grade nat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "swiftnio http\\/2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apple",
            "version": "1.28.0"
          },
          {
            "model": "linkerd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.13.0"
          },
          {
            "model": "caddy",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "caddyserver",
            "version": "2.7.5"
          },
          {
            "model": "tomcat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "10.1.0"
          },
          {
            "model": "astra control center",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "model": "fence agents remediation operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "cert-manager operator for red hat openshift",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip ddos hybrid defender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "advanced cluster management for kubernetes",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "model": "big-ip analytics",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "solr",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.4.0"
          },
          {
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "secure web appliance",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "15.1.0"
          },
          {
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "big-ip websafe",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "3scale api management platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "model": "big-ip fraud protection service",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "http",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ietf",
            "version": "2.0"
          },
          {
            "model": "openshift",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip access policy manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "certification for red hat enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.0"
          },
          {
            "model": "big-ip analytics",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip advanced web application firewall",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "big-ip application acceleration manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "migration toolkit for containers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": ".net",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "7.0.12"
          },
          {
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "visual studio 2022",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.2.20"
          },
          {
            "model": "big-ip local traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "go",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "golang",
            "version": "1.21.3"
          },
          {
            "model": "windows 11 21h2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.22000.2538"
          },
          {
            "model": "jetty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "9.4.53"
          },
          {
            "model": "big-ip fraud protection service",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "jenkins",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "jenkins",
            "version": "2.414.2"
          },
          {
            "model": "traffic server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apache",
            "version": "8.1.9"
          },
          {
            "model": "tomcat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apache",
            "version": "11.0.0"
          },
          {
            "model": "apisix",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apache",
            "version": "3.6.1"
          },
          {
            "model": "certification for red hat enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "9.0"
          },
          {
            "model": "big-ip websafe",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "jboss a-mq streams",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip domain name system",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "ios xr",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "7.11.2"
          },
          {
            "model": "ultra cloud core - session management function",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2024.02.0"
          },
          {
            "model": "big-ip advanced web application firewall",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "varnish cache",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "varnish cache",
            "version": "2023-10-10"
          },
          {
            "model": "single sign-on",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "big-ip ssl orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "windows 10 1607",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.14393.6351"
          },
          {
            "model": "linkerd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.14.1"
          },
          {
            "model": "envoy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "envoyproxy",
            "version": "1.25.9"
          },
          {
            "model": "jboss data grid",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0.0"
          },
          {
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "12.0"
          },
          {
            "model": "big-ip policy enforcement manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "machine deletion remediation operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip application acceleration manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "big-ip websafe",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "visual studio 2022",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.4"
          },
          {
            "model": "nginx plus",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "f5",
            "version": "r29"
          },
          {
            "model": "big-ip application acceleration manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "grpc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.56.3"
          },
          {
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "openresty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "openresty",
            "version": "1.21.4.3"
          },
          {
            "model": "nginx",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "1.9.5"
          },
          {
            "model": "big-ip ssl orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "nginx plus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "r29"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "38"
          },
          {
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "windows 10 21h2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.19044.3570"
          },
          {
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "istio",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.17.6"
          },
          {
            "model": "advanced cluster security",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "big-ip domain name system",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "big-ip carrier-grade nat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "openstack platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "17.1"
          },
          {
            "model": "windows server 2022",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "big-ip analytics",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "big-ip webaccelerator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "big-ip advanced web application firewall",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "big-ip websafe",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "cbl-mariner",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "2023-10-11"
          },
          {
            "model": "big-ip advanced firewall manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "traefik",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "traefik",
            "version": "2.10.5"
          },
          {
            "model": "openshift data science",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip global traffic manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "big-ip ddos hybrid defender",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "big-ip link controller",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "node healthcheck operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip ddos hybrid defender",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "openshift gitops",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "big-ip ssl orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "data center network manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "openshift container platform assisted installer",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "ultra cloud core - serving gateway function",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2024.02.0"
          },
          {
            "model": "jetty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "12.0.2"
          },
          {
            "model": "opensearch data prepper",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "amazon",
            "version": "2.5.0"
          },
          {
            "model": "prime network registrar",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.2"
          },
          {
            "model": "nx-os",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(5\\)"
          },
          {
            "model": "linkerd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.13.1"
          },
          {
            "model": "big-ip next service proxy for kubernetes",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "1.5.0"
          },
          {
            "model": "openshift serverless",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip policy enforcement manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "http2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "golang",
            "version": "0.17.0"
          },
          {
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "istio",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.18.0"
          },
          {
            "model": "big-ip analytics",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "oncommand insight",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "model": "big-ip advanced firewall manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "jboss fuse",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "10.0"
          },
          {
            "model": "node.js",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "18.0.0"
          },
          {
            "model": "traefik",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "traefik",
            "version": "3.0.0"
          },
          {
            "model": "big-ip fraud protection service",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "big-ip advanced web application firewall",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "windows 10 22h2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.19045.3570"
          },
          {
            "model": "big-ip carrier-grade nat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "http server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "akka",
            "version": "10.5.3"
          },
          {
            "model": "big-ip global traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "ansible automation platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "model": "envoy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "envoyproxy",
            "version": "1.24.10"
          },
          {
            "model": "http2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "kazu yamamoto",
            "version": "4.2.2"
          },
          {
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "cryostat",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "model": "openshift distributed tracing",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "unified contact center management portal",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "big-ip fraud protection service",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "kong gateway",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "konghq",
            "version": "3.4.2"
          },
          {
            "model": "istio",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.19.0"
          },
          {
            "model": "big-ip policy enforcement manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "big-ip policy enforcement manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "tomcat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "8.5.0"
          },
          {
            "model": "support for spring boot",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip application visibility and reporting",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip ssl orchestrator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "jboss fuse",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0.0"
          },
          {
            "model": "big-ip ssl orchestrator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "big-ip advanced web application firewall",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "windows server 2016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "big-ip websafe",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "grpc",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.58.0"
          },
          {
            "model": "build of quarkus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "logging subsystem for red hat openshift",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip carrier-grade nat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "jetty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "11.0.17"
          },
          {
            "model": "big-ip fraud protection service",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "big-ip carrier-grade nat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "big-ip ssl orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "cost management",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "traffic server",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "8.0.0"
          },
          {
            "model": "service telemetry framework",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "1.5"
          },
          {
            "model": "big-ip advanced firewall manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "big-ip application security manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "visual studio 2022",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.6.8"
          },
          {
            "model": "secure malware analytics",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.19.2"
          },
          {
            "model": "quay",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "3.0.0"
          },
          {
            "model": "linkerd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.14.0"
          },
          {
            "model": "big-ip application visibility and reporting",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "windows 11 22h2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "10.0.22621.2428"
          },
          {
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "decision manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "grpc",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.59.2"
          },
          {
            "model": "nghttp2",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nghttp2",
            "version": "1.57.0"
          },
          {
            "model": "openshift service mesh",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "2.0"
          },
          {
            "model": "big-ip domain name system",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "grpc",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.58.3"
          },
          {
            "model": "openstack platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "16.2"
          },
          {
            "model": "big-ip advanced firewall manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "prime cable provisioning",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "7.2.1"
          },
          {
            "model": "visual studio 2022",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.0"
          },
          {
            "model": "big-ip application visibility and reporting",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "tomcat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.0.0"
          },
          {
            "model": "openshift virtualization",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "4"
          },
          {
            "model": "big-ip access policy manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "model": "big-ip ddos hybrid defender",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "openshift secondary scheduler operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "jboss enterprise application platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0.0"
          },
          {
            "model": "big-ip advanced firewall manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "big-ip application visibility and reporting",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "big-ip access policy manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "linkerd",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.12.0"
          },
          {
            "model": "openshift api for data protection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip global traffic manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "node.js",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "18.18.2"
          },
          {
            "model": "jboss a-mq",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "37"
          },
          {
            "model": "prime access registrar",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "9.3.3"
          },
          {
            "model": "unified contact center enterprise - live data server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "12.6.2"
          },
          {
            "model": "networking",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "golang",
            "version": "0.17.0"
          },
          {
            "model": "armeria",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "linecorp",
            "version": "1.26.0"
          },
          {
            "model": "big-ip websafe",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "big-ip analytics",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "big-ip application visibility and reporting",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "big-ip next",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "20.0.1"
          },
          {
            "model": "ios xe",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "17.15.1"
          },
          {
            "model": "nx-os",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "10.3\\(1\\)"
          },
          {
            "model": "openstack platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "16.1"
          },
          {
            "model": "grpc",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "grpc",
            "version": "1.57.0"
          },
          {
            "model": "big-ip application acceleration manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "openshift dev spaces",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "jetty",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "12.0.0"
          },
          {
            "model": "big-ip analytics",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "big-ip carrier-grade nat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "prime infrastructure",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.10.4"
          },
          {
            "model": "h2o",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "dena",
            "version": "2023-10-10"
          },
          {
            "model": "nginx ingress controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "3.0.0"
          },
          {
            "model": "openshift pipelines",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip webaccelerator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip local traffic manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "jetty",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "10.0.0"
          },
          {
            "model": "big-ip application security manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip fraud protection service",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "big-ip fraud protection service",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "jboss enterprise application platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0.0"
          },
          {
            "model": "unified contact center enterprise",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "big-ip domain name system",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "istio",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "istio",
            "version": "1.18.3"
          },
          {
            "model": "big-ip websafe",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "secure dynamic attributes connector",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2.2.0"
          },
          {
            "model": "big-ip websafe",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "ceph storage",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "model": "run once duration override operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip link controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "big-ip local traffic manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "integration camel k",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "visual studio 2022",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.7"
          },
          {
            "model": "big-ip carrier-grade nat",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "big-ip ddos hybrid defender",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip analytics",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "envoy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "envoyproxy",
            "version": "1.27.0"
          },
          {
            "model": "nginx ingress controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "2.4.2"
          },
          {
            "model": "big-ip application acceleration manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "integration service registry",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "firepower threat defense",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "7.4.2"
          },
          {
            "model": "big-ip analytics",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "node.js",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "20.0.0"
          },
          {
            "model": "tomcat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.0.80"
          },
          {
            "model": "iot field network director",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.11.0"
          },
          {
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "asp.net core",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "6.0.0"
          },
          {
            "model": "migration toolkit for virtualization",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip link controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "big-ip ssl orchestrator",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "big-ip fraud protection service",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": ".net",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "6.0.0"
          },
          {
            "model": "jetty",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "11.0.0"
          },
          {
            "model": "big-ip application acceleration manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "unified attendant console advanced",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "big-ip advanced web application firewall",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "big-ip domain name system",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.5"
          },
          {
            "model": "web terminal",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip domain name system",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.5"
          },
          {
            "model": "traffic server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "apache",
            "version": "9.2.3"
          },
          {
            "model": "windows server 2019",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": "linkerd",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "linkerd",
            "version": "2.12.5"
          },
          {
            "model": "jetty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "eclipse",
            "version": "10.0.17"
          },
          {
            "model": "network observability operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip ddos hybrid defender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.0"
          },
          {
            "model": "visual studio 2022",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "17.4.12"
          },
          {
            "model": "azure kubernetes service",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "2023-10-08"
          },
          {
            "model": "openshift sandboxed containers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "big-ip webaccelerator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "8.0"
          },
          {
            "model": "big-ip domain name system",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "tomcat",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "apache",
            "version": "10.1.13"
          },
          {
            "model": "big-ip application visibility and reporting",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "big-ip application acceleration manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "14.1.0"
          },
          {
            "model": "big-ip application security manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "f5",
            "version": "17.1.0"
          },
          {
            "model": "big-ip next service proxy for kubernetes",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "1.8.2"
          },
          {
            "model": "asp.net core",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "7.0.0"
          },
          {
            "model": "big-ip ddos hybrid defender",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.0"
          },
          {
            "model": "nginx ingress controller",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "2.0.0"
          },
          {
            "model": "asp.net core",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "6.0.23"
          },
          {
            "model": "openshift developer tools and services",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "connected mobile experiences",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "11.1"
          },
          {
            "model": "nginx ingress controller",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "3.3.0"
          },
          {
            "model": ".net",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "microsoft",
            "version": "7.0.0"
          },
          {
            "model": "contour",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "projectcontour",
            "version": "2023-10-11"
          },
          {
            "model": "big-ip policy enforcement manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "16.1.4"
          },
          {
            "model": "big-ip advanced firewall manager",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "13.1.0"
          },
          {
            "model": "self node remediation operator",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "9.0"
          },
          {
            "model": "nginx",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "1.25.2"
          },
          {
            "model": "big-ip advanced firewall manager",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "f5",
            "version": "15.1.10"
          },
          {
            "model": "envoy",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "envoyproxy",
            "version": "1.26.4"
          },
          {
            "model": "netty",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "netty",
            "version": "4.1.100"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.57.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.1.100",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:envoyproxy:envoy:1.27.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:envoyproxy:envoy:1.26.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:envoyproxy:envoy:1.25.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:envoyproxy:envoy:1.24.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "12.0.2",
                    "versionStartIncluding": "12.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "11.0.17",
                    "versionStartIncluding": "11.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.0.17",
                    "versionStartIncluding": "10.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "9.4.53",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.7.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "0.17.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.21.3",
                    "versionStartIncluding": "1.21.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.20.10",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "0.17.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "13.1.5",
                    "versionStartIncluding": "13.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:17.1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "14.1.5",
                    "versionStartIncluding": "14.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.1.10",
                    "versionStartIncluding": "15.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "16.1.4",
                    "versionStartIncluding": "16.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "r29",
                    "versionStartIncluding": "r25",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:nginx_plus:r29:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_next:20.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.8.2",
                    "versionStartIncluding": "1.5.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.25.2",
                    "versionStartIncluding": "1.9.5",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.4.2",
                    "versionStartIncluding": "2.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "3.3.0",
                    "versionStartIncluding": "3.0.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "9.0.80",
                    "versionStartIncluding": "9.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.5.93",
                    "versionStartIncluding": "8.5.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.1.13",
                    "versionStartIncluding": "10.1.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:swiftnio_http\\/2:*:*:*:*:*:swift:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.28.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:grpc:grpc:1.57.0:-:*:*:*:go:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.58.3",
                    "versionStartIncluding": "1.58.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.56.3",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.59.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.0.19045.3570",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.0.17763.4974",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.0.22000.2538",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.0.22621.2428",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.0.14393.6351",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.0.14393.6351",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.12",
                    "versionStartIncluding": "7.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.0.19044.3570",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "17.7.5",
                    "versionStartIncluding": "17.7",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "17.6.8",
                    "versionStartIncluding": "17.6",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "17.4.12",
                    "versionStartIncluding": "17.4",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "17.2.20",
                    "versionStartIncluding": "17.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.0.23",
                    "versionStartIncluding": "6.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:asp.net_core:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.0.12",
                    "versionStartIncluding": "7.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.0.23",
                    "versionStartIncluding": "6.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:azure_kubernetes_service:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2023-10-08",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "18.18.2",
                    "versionStartIncluding": "18.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "20.8.1",
                    "versionStartIncluding": "20.0.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:cbl-mariner:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2023-10-11",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:dena:h2o:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2023-10-10",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:facebook:proxygen:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2023.10.16.00",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "9.2.3",
                    "versionStartIncluding": "9.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.1.9",
                    "versionStartIncluding": "8.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "3.6.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:amazon:opensearch_data_prepper:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.5.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:kazu-yamamoto:http2:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.19.1",
                    "versionStartIncluding": "1.19.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.18.3",
                    "versionStartIncluding": "1.18.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:istio:istio:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.17.6",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:varnish_cache_project:varnish_cache:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2023-10-10",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.10.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:projectcontour:contour:*:*:*:*:*:kubernetes:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2023-10-11",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:2.13.0:*:*:*:stable:kubernetes:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:2.13.1:*:*:*:stable:kubernetes:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:2.14.0:*:*:*:stable:kubernetes:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:2.14.1:*:*:*:stable:kubernetes:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:linkerd:linkerd:*:*:*:*:stable:kubernetes:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.12.5",
                    "versionStartIncluding": "2.12.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.26.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_fuse:7.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_data_grid:7.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:integration_service_registry:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_service_mesh:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:3scale_api_management_platform:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:ansible_automation_platform:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:integration_camel_for_spring_boot:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:build_of_optaplanner:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_data_science:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:cost_management:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:migration_toolkit_for_virtualization:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_a-mq_streams:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:cryostat:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:network_observability_operator:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:node_healthcheck_operator:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_sandboxed_containers:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_secondary_scheduler_operator:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform_assisted_installer:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:certification_for_red_hat_enterprise_linux:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:migration_toolkit_for_containers:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift:-:*:*:*:*:aws:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:run_once_duration_override_operator:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:service_interconnect:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openshift_distributed_tracing:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:support_for_spring_boot:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:web_terminal:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:node_maintenance_operator:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:machine_deletion_remediation_operator:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:fence_agents_remediation_operator:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:self_node_remediation_operator:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:a:redhat:service_telemetry_framework:1.5:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netapp:astra_control_center:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:akka:http_server:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.5.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:konghq:kong_gateway:*:*:*:*:enterprise:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "3.4.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.427",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.414.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "9.4.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.21.4.3",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "3.10.4",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:secure_malware_analytics:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.19.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:secure_dynamic_attributes_connector:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.2.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.4.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:fog_director:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.22",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "17.15.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:prime_network_registrar:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "11.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:prime_cable_provisioning:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.2.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "9.3.3",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:data_center_network_manager:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.11.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "7.11.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "6.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:crosswork_data_gateway:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.1.3",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:expressway:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "x14.3.3",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:connected_mobile_experiences:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "11.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:telepresence_video_communication_server:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "x14.3.3",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_domain_manager:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise_-_live_data_server:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "12.6.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_management_portal:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:unified_attendant_console_advanced:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ultra_cloud_core_-_session_management_function:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2024.02.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ultra_cloud_core_-_serving_gateway_function:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2024.02.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2024.01.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ultra_cloud_core_-_policy_control_function:2024.01.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:cisco:secure_web_appliance_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "15.1.0",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:secure_web_appliance:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "10.2\\(7\\)",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "10.3\\(5\\)",
                        "versionStartIncluding": "10.3\\(1\\)",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3232:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "10.2\\(7\\)",
                        "vulnerable": true
                      },
                      {
                        "cpe23Uri": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndExcluding": "10.3\\(5\\)",
                        "versionStartIncluding": "10.3\\(1\\)",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9200yc:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_92160yc_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_92300yc_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_92304qc_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9236c_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9272q_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-ex_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93120tx_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93128tx_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180lc-ex_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-ex_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93240tc-fx2:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9332pq_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336pq_aci:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px-e_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372px_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx-e_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9372tx_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396px_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9396tx_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9432pq:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_16-slot:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_4-slot:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_8-slot:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9504_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9508_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9516_switch:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9536pq:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9636pq:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9716d-gx:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9736pq:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9800:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      },
                      {
                        "cpe23Uri": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Red Hat",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "175239"
          },
          {
            "db": "PACKETSTORM",
            "id": "175234"
          },
          {
            "db": "PACKETSTORM",
            "id": "175230"
          },
          {
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "db": "PACKETSTORM",
            "id": "175160"
          },
          {
            "db": "PACKETSTORM",
            "id": "175376"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2023-44487",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2023-44487",
                "trust": 1.0,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. \n\n\n\n\nDescription:\n\nAMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. For further information, refer to the release notes linked to in the References section. \n\n\n\n\nDescription:\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. \n\n\n\n\nDescription:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. \n\n\n\n\nDescription:\n\nnghttp2 contains the Hypertext Transfer Protocol version 2 (HTTP/2) client, server, and proxy programs as well as a library implementing the HTTP/2 protocol in C. \n\nThe following data is constructed from data provided by Red Hat\u0027s json file at:\n\nhttps://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5710.json\n\nRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat\u0027s archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. \n\n- Packet Storm Staff\n\n\n\n\n====================================================================\nRed Hat Security Advisory\n\nSynopsis:           Important: dotnet6.0 security update\nAdvisory ID:        RHSA-2023:5710-01\nProduct:            Red Hat Enterprise Linux\nAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:5710\nIssue date:         2023-10-16\nRevision:           01\nCVE Names:          CVE-2023-44487\n====================================================================\n\nSummary: \n\nAn update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. \n\n\n\n\nDescription:\n\n.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. \n\nNew versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.123 and Runtime 6.0.23. \n\nSecurity Fix(es):\n\n* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. \n\n\nSolution:\n\nhttps://access.redhat.com/articles/11258\n\n\n\nCVEs:\n\nCVE-2023-44487\n\nReferences:\n\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2023-003\n\n. ==========================================================================\nUbuntu Security Notice USN-6754-1\nApril 25, 2024\n\nnghttp2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.10\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in nghttp2. \n\nSoftware Description:\n- nghttp2: HTTP/2 C Library and tools\n\nDetails:\n\nIt was discovered that nghttp2 incorrectly handled the HTTP/2\nimplementation. A remote attacker could possibly use this issue to cause\nnghttp2 to consume resources, leading to a denial of service. This issue\nonly affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511,\nCVE-2019-9513)\n\nIt was discovered that nghttp2 incorrectly handled request cancellation. A\nremote attacker could possibly use this issue to cause nghttp2 to consume\nresources, leading to a denial of service. This issue only affected Ubuntu\n16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487)\n\nIt was discovered that nghttp2 could be made to process an unlimited number\nof HTTP/2 CONTINUATION frames. A remote attacker could possibly use this\nissue to cause nghttp2 to consume resources, leading to a denial of\nservice. (CVE-2024-28182)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.10:\n   libnghttp2-14                   1.55.1-1ubuntu0.2\n   nghttp2                         1.55.1-1ubuntu0.2\n   nghttp2-client                  1.55.1-1ubuntu0.2\n   nghttp2-proxy                   1.55.1-1ubuntu0.2\n   nghttp2-server                  1.55.1-1ubuntu0.2\n\nUbuntu 22.04 LTS:\n   libnghttp2-14                   1.43.0-1ubuntu0.2\n   nghttp2                         1.43.0-1ubuntu0.2\n   nghttp2-client                  1.43.0-1ubuntu0.2\n   nghttp2-proxy                   1.43.0-1ubuntu0.2\n   nghttp2-server                  1.43.0-1ubuntu0.2\n\nUbuntu 20.04 LTS:\n   libnghttp2-14                   1.40.0-1ubuntu0.3\n   nghttp2                         1.40.0-1ubuntu0.3\n   nghttp2-client                  1.40.0-1ubuntu0.3\n   nghttp2-proxy                   1.40.0-1ubuntu0.3\n   nghttp2-server                  1.40.0-1ubuntu0.3\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n   libnghttp2-14                   1.30.0-1ubuntu1+esm2\n   nghttp2                         1.30.0-1ubuntu1+esm2\n   nghttp2-client                  1.30.0-1ubuntu1+esm2\n   nghttp2-proxy                   1.30.0-1ubuntu1+esm2\n   nghttp2-server                  1.30.0-1ubuntu1+esm2\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n   libnghttp2-14                   1.7.1-1ubuntu0.1~esm2\n   nghttp2                         1.7.1-1ubuntu0.1~esm2\n   nghttp2-client                  1.7.1-1ubuntu0.1~esm2\n   nghttp2-proxy                   1.7.1-1ubuntu0.1~esm2\n   nghttp2-server                  1.7.1-1ubuntu0.1~esm2\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5558-1                   security@debian.org\nhttps://www.debian.org/security/                          Markus Koschany\nNovember 18, 2023                     https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : netty\nCVE ID         : CVE-2023-34462 CVE-2023-44487\nDebian Bug     : 1038947 1054234\n\nTwo security vulnerabilities have been discovered in Netty, a Java NIO\nclient/server socket framework. \n\nCVE-2023-34462\n\n    It might be possible for a remote peer to send a client hello packet during\n    a TLS handshake which lead the server to buffer up to 16 MB of data per\n    connection. This could lead to a OutOfMemoryError and so result in a denial\n    of service. \n    This problem is also known as Rapid Reset Attack. \n\nFor the oldstable distribution (bullseye), these problems have been fixed\nin version 1:4.1.48-4+deb11u2. \n\nFor the stable distribution (bookworm), these problems have been fixed in\nversion 1:4.1.48-7+deb12u1. \n\nWe recommend that you upgrade your netty packages. \n\nFor the detailed security status of netty please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/netty\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVY5TZfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeRHiBAAzFhW85Ho37J02wrSDVwhIMTsVjNO9lnA08Pswdohr9K1wxeCJ/hBAx97\nUNIrjTxyOfCJWi1Kj5pITXEHBRu6w1fj/5y9yoMpAKEu+oGQroHbSf4CPmqP2Of0\neamkfbGx2Dh7Ug3qYxe+elcqRtU3gu8I8DYcWJnm2VpWq7/pbNJ+9iqtmMjhkPLH\n1etLI/5HAkwpPimZSrHzcimn39gEVaIbZLc86ZBAoAPghc+iJR1JFHERmkEutWkB\neAnL3kD1mr6F711eZvDfPaRfEUVorW67ZEpPX68MJExuYHNXd268EhQOhf/ZYv8g\nSUSBJuKw4w2OnL4fn8lhqnQgYHUVkcYBtfYii6E9bEVAIPoaT+4gvdSg9zkF6cza\nDa8SXkEY2ysaX+A24iVnCNMpCMSOUOxWsFFvkCcfi8A4HxGGqWzVOsBbDJKjktS1\ng6FyeqWsGh9QG/CPYeMN7LB7lW1l2XzO6GQ9QR1rzU/whgUVxprkye5wx2BaQmom\nrrWVHBijH1cNWd1IbryAm+prduL1l/CNR0785ZPTjB3SsMFPCAtRHf9G976rqVs0\nP3jGg+BdeDj+sd3EFHcHnNXQOaETgR07RWzngbjEkgmJYhB2B43hCQ2LwsNlHsmg\nO6otUI2k274IF9KHh0T1h1hopbUTU8VPy3dpcLloCzk7KiAv1RI=\n=4ExT\n-----END PGP SIGNATURE-----\n. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          },
          {
            "db": "PACKETSTORM",
            "id": "175239"
          },
          {
            "db": "PACKETSTORM",
            "id": "175234"
          },
          {
            "db": "PACKETSTORM",
            "id": "175230"
          },
          {
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "db": "PACKETSTORM",
            "id": "175160"
          },
          {
            "db": "PACKETSTORM",
            "id": "178284"
          },
          {
            "db": "PACKETSTORM",
            "id": "175875"
          },
          {
            "db": "PACKETSTORM",
            "id": "175807"
          },
          {
            "db": "PACKETSTORM",
            "id": "175376"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487",
            "trust": 1.9
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/18/8",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/10/6",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/19/6",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/18/4",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/13/4",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/13/9",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2023/10/20/8",
            "trust": 1.0
          },
          {
            "db": "PACKETSTORM",
            "id": "175239",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175234",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175230",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175126",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175160",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "178284",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175875",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175807",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "175376",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "175239"
          },
          {
            "db": "PACKETSTORM",
            "id": "175234"
          },
          {
            "db": "PACKETSTORM",
            "id": "175230"
          },
          {
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "db": "PACKETSTORM",
            "id": "175160"
          },
          {
            "db": "PACKETSTORM",
            "id": "178284"
          },
          {
            "db": "PACKETSTORM",
            "id": "175875"
          },
          {
            "db": "PACKETSTORM",
            "id": "175807"
          },
          {
            "db": "PACKETSTORM",
            "id": "175376"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "id": "VAR-202310-0175",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.465728264
      },
      "last_update_date": "2024-07-23T21:36:24.758000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-400",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/13/4"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/13/9"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/18/4"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/18/8"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/19/6"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2023/10/20/8"
          },
          {
            "trust": 1.0,
            "url": "https://access.redhat.com/security/cve/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/"
          },
          {
            "trust": 1.0,
            "url": "https://aws.amazon.com/security/security-bulletins/aws-2023-011/"
          },
          {
            "trust": 1.0,
            "url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
          },
          {
            "trust": 1.0,
            "url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/"
          },
          {
            "trust": 1.0,
            "url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/"
          },
          {
            "trust": 1.0,
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack"
          },
          {
            "trust": 1.0,
            "url": "https://blog.vespa.ai/cve-2023-44487/"
          },
          {
            "trust": 1.0,
            "url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988"
          },
          {
            "trust": 1.0,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803"
          },
          {
            "trust": 1.0,
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123"
          },
          {
            "trust": 1.0,
            "url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9"
          },
          {
            "trust": 1.0,
            "url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/"
          },
          {
            "trust": 1.0,
            "url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack"
          },
          {
            "trust": 1.0,
            "url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125"
          },
          {
            "trust": 1.0,
            "url": "https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715"
          },
          {
            "trust": 1.0,
            "url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve"
          },
          {
            "trust": 1.0,
            "url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764"
          },
          {
            "trust": 1.0,
            "url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/azure/aks/issues/3947"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/kong/kong/discussions/11741"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/advisories/ghsa-qppj-fm5r-hxr3"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/advisories/ghsa-vx74-f528-fxqg"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/advisories/ghsa-xpw8-rcwv-8f8p"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/akka/akka-http/issues/4323"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/alibaba/tengine/issues/1872"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/apisix/issues/10320"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/httpd-site/pull/10"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#l1101-l1113"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/apache/trafficserver/pull/10564"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/arkrwn/poc/tree/main/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/bcdannyboy/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/caddyserver/caddy/issues/5877"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/dotnet/announcements/issues/277"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#l73"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/eclipse/jetty.project/issues/10679"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/envoyproxy/envoy/pull/30055"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/etcd-io/etcd/issues/16740"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/facebook/proxygen/pull/466"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/golang/go/issues/63417"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/grpc/grpc-go/pull/6703"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/h2o/h2o/pull/3291"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/h2o/h2o/security/advisories/ghsa-2m7v-gc89-fjqf"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/haproxy/haproxy/issues/2312"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/readme.md?plain=1#l239-l244"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/junkurihara/rust-rpxy/issues/97"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/kazu-yamamoto/http2/issues/93"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/kubernetes/kubernetes/pull/121120"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/line/armeria/pull/5232"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/micrictor/http2-rst-stream"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/microsoft/cbl-mariner/pull/6381"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/nghttp2/nghttp2/pull/1961"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/ninenines/cowboy/issues/1615"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/nodejs/node/pull/50121"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/openresty/openresty/issues/930"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/opensearch-project/data-prepper/issues/3474"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/oqtane/oqtane.framework/discussions/3367"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/projectcontour/contour/pull/5826"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/tempesta-tech/tempesta/issues/1986"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/varnishcache/varnish-cache/issues/3996"
          },
          {
            "trust": 1.0,
            "url": "https://groups.google.com/g/golang-announce/c/innxdtcjzvo"
          },
          {
            "trust": 1.0,
            "url": "https://istio.io/latest/news/security/istio-security-2023-004/"
          },
          {
            "trust": 1.0,
            "url": "https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2mbeppc36ubvozznaxfhklfgslcmn5li/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3n4nj7fr4x4fpzugntqapstvb2hb2y4a/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bfqd3kuemfbhpapbglwqc34l4owl5haz/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/clb4tw7kalb3eeqwnwcn7ouiwwvwwcg2/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/e72t67updrxhidlo3oror25yamn4ggw5/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fna62q767cfafhbcdkynpbmzwb7twyvu/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ht7t2r4mqklif4odv4bdlparwfpcj5cz/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jizsefc3ykcgaba2bzw6zjrmdzjmb7pj/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jmexy22bfg5q64hqcm5ck2q7kdkvv4ty/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ksegd2iwknuo3dwy4kqguqm5bisrwhqe/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lkyhszqfdnr7rsa7lhvlliaqmvycugbg/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lnmzjcdhgljjlxo4oxwjmtvqrnwoc7ul/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vhuhtsxlxgxs7jykbxta3vinuphtngvu/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vsrdiv77hnkusm7sjc5bke5jshlhu2nk/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/we2i52rhnnu42px6nz2rbuhsffj2lvzx/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wlprq5twuqqxywbjm7ecydail2yvkiuh/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/x6qxn4orivf6xbw4wwfe7vnpvc74s45y/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xfoibb4yfichdm7ibop7pwxw3fx4hll2/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zb43remkrqr62njei7i5nq4fsxnlbkrt/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zkqsikiat5tj3wslu3rdbq35yx4gy4v3/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zlu6u2r2ic2k64ndpnmv55auao65maf4/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.w3.org/archives/public/ietf-http-wg/2023octdec/0025.html"
          },
          {
            "trust": 1.0,
            "url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-october/s36q5hbxr7caimpllprsssyr4pcmwilk.html"
          },
          {
            "trust": 1.0,
            "url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html"
          },
          {
            "trust": 1.0,
            "url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/"
          },
          {
            "trust": 1.0,
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://my.f5.com/manage/s/article/k000137106"
          },
          {
            "trust": 1.0,
            "url": "https://netty.io/news/2023/10/10/4-1-100-final.html"
          },
          {
            "trust": 1.0,
            "url": "https://news.ycombinator.com/item?id=37830987"
          },
          {
            "trust": 1.0,
            "url": "https://news.ycombinator.com/item?id=37830998"
          },
          {
            "trust": 1.0,
            "url": "https://news.ycombinator.com/item?id=37831062"
          },
          {
            "trust": 1.0,
            "url": "https://news.ycombinator.com/item?id=37837043"
          },
          {
            "trust": 1.0,
            "url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/"
          },
          {
            "trust": 1.0,
            "url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected"
          },
          {
            "trust": 1.0,
            "url": "https://security.gentoo.org/glsa/202311-09"
          },
          {
            "trust": 1.0,
            "url": "https://security.netapp.com/advisory/ntap-20231016-0001/"
          },
          {
            "trust": 1.0,
            "url": "https://security.netapp.com/advisory/ntap-20240426-0007/"
          },
          {
            "trust": 1.0,
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          },
          {
            "trust": 1.0,
            "url": "https://security.netapp.com/advisory/ntap-20240621-0007/"
          },
          {
            "trust": 1.0,
            "url": "https://security.paloaltonetworks.com/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://tomcat.apache.org/security-10.html#fixed_in_apache_tomcat_10.1.14"
          },
          {
            "trust": 1.0,
            "url": "https://ubuntu.com/security/cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5521"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5522"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5540"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5549"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5558"
          },
          {
            "trust": 1.0,
            "url": "https://www.debian.org/security/2023/dsa-5570"
          },
          {
            "trust": 1.0,
            "url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487"
          },
          {
            "trust": 1.0,
            "url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/"
          },
          {
            "trust": 1.0,
            "url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/"
          },
          {
            "trust": 1.0,
            "url": "https://www.openwall.com/lists/oss-security/2023/10/10/6"
          },
          {
            "trust": 1.0,
            "url": "https://www.phoronix.com/news/http2-rapid-reset-attack"
          },
          {
            "trust": 1.0,
            "url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/"
          },
          {
            "trust": 0.9,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-44487"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2023-003"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5945.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=jboss.amq.broker\u0026version=7.10.4"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:5945"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5928.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:5928"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=appplatform\u0026version=7.4"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5922.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:5922"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:5766"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5766.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5710.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:5710"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.40.0-1ubuntu0.3"
          },
          {
            "trust": 0.1,
            "url": "https://ubuntu.com/security/notices/usn-6754-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.43.0-1ubuntu0.2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.55.1-1ubuntu0.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9513"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9511"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-28182"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.40.0-1ubuntu0.2"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.55.1-1ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://ubuntu.com/security/notices/usn-6505-1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.52.0-1ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/nghttp2/1.43.0-1ubuntu0.1"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-34462"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://security-tracker.debian.org/tracker/netty"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6105.json"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2023:6105"
          }
        ],
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "175239"
          },
          {
            "db": "PACKETSTORM",
            "id": "175234"
          },
          {
            "db": "PACKETSTORM",
            "id": "175230"
          },
          {
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "db": "PACKETSTORM",
            "id": "175160"
          },
          {
            "db": "PACKETSTORM",
            "id": "178284"
          },
          {
            "db": "PACKETSTORM",
            "id": "175875"
          },
          {
            "db": "PACKETSTORM",
            "id": "175807"
          },
          {
            "db": "PACKETSTORM",
            "id": "175376"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "PACKETSTORM",
            "id": "175239"
          },
          {
            "db": "PACKETSTORM",
            "id": "175234"
          },
          {
            "db": "PACKETSTORM",
            "id": "175230"
          },
          {
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "db": "PACKETSTORM",
            "id": "175160"
          },
          {
            "db": "PACKETSTORM",
            "id": "178284"
          },
          {
            "db": "PACKETSTORM",
            "id": "175875"
          },
          {
            "db": "PACKETSTORM",
            "id": "175807"
          },
          {
            "db": "PACKETSTORM",
            "id": "175376"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-10-20T14:34:30",
            "db": "PACKETSTORM",
            "id": "175239"
          },
          {
            "date": "2023-10-20T14:33:16",
            "db": "PACKETSTORM",
            "id": "175234"
          },
          {
            "date": "2023-10-20T14:32:33",
            "db": "PACKETSTORM",
            "id": "175230"
          },
          {
            "date": "2023-10-17T15:39:55",
            "db": "PACKETSTORM",
            "id": "175126"
          },
          {
            "date": "2023-10-18T16:23:08",
            "db": "PACKETSTORM",
            "id": "175160"
          },
          {
            "date": "2024-04-26T15:13:40",
            "db": "PACKETSTORM",
            "id": "178284"
          },
          {
            "date": "2023-11-22T16:28:02",
            "db": "PACKETSTORM",
            "id": "175875"
          },
          {
            "date": "2023-11-20T16:25:51",
            "db": "PACKETSTORM",
            "id": "175807"
          },
          {
            "date": "2023-10-27T12:55:12",
            "db": "PACKETSTORM",
            "id": "175376"
          },
          {
            "date": "2023-10-10T14:15:10.883000",
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-06-27T18:34:22.110000",
            "db": "NVD",
            "id": "CVE-2023-44487"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "178284"
          },
          {
            "db": "PACKETSTORM",
            "id": "175875"
          }
        ],
        "trust": 0.2
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Red Hat Security Advisory 2023-5945-01",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "175239"
          }
        ],
        "trust": 0.1
      }
    }