Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-29923 (GCVE-0-2021-29923)
Vulnerability from cvelistv5 – Published: 2021-08-07 16:38 – Updated: 2024-08-03 22:18
VLAI
EPSS
Summary
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.
Severity
7.5 (High)
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://golang.org/pkg/net/#ParseCIDR | x_refsource_MISC |
| https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC |
| https://defcon.org/html/defcon-29/dc-29-speakers.… | x_refsource_MISC |
| https://github.com/golang/go/issues/43389 | x_refsource_MISC |
| https://github.com/golang/go/issues/30999 | x_refsource_MISC |
| https://go-review.googlesource.com/c/go/+/325829/ | x_refsource_MISC |
| https://github.com/sickcodes/security/blob/master… | x_refsource_MISC |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://security.gentoo.org/glsa/202208-02 | vendor-advisoryx_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:18:03.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/golang/go/issues/43389"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/golang/go/issues/30999"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "FEDORA-2022-17d004ed71",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-04T15:09:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/golang/go/issues/43389"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/golang/go/issues/30999"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "FEDORA-2022-17d004ed71",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202208-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://golang.org/pkg/net/#ParseCIDR",
"refsource": "MISC",
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis",
"refsource": "MISC",
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"name": "https://github.com/golang/go/issues/43389",
"refsource": "MISC",
"url": "https://github.com/golang/go/issues/43389"
},
{
"name": "https://github.com/golang/go/issues/30999",
"refsource": "MISC",
"url": "https://github.com/golang/go/issues/30999"
},
{
"name": "https://go-review.googlesource.com/c/go/+/325829/",
"refsource": "MISC",
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md",
"refsource": "MISC",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "FEDORA-2022-17d004ed71",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-29923",
"datePublished": "2021-08-07T16:38:59.000Z",
"dateReserved": "2021-04-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:18:03.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-29923",
"date": "2026-06-11",
"epss": "0.00254",
"percentile": "0.48975"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.17\", \"matchCriteriaId\": \"D39D5C21-8281-429F-AC33-CE39821CA3EC\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"21.1.1.1.0\", \"matchCriteriaId\": \"20290BBC-E3C9-4B96-94FE-2DFADD4BF1F1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.\"}, {\"lang\": \"es\", \"value\": \"Go versiones anteriores a 1.17, no considera apropiadamente los caracteres cero extra\\u00f1os al principio de un octeto de direcci\\u00f3n IP, lo que (en algunas situaciones) permite a atacantes omitir el control de acceso que es basado en las direcciones IP, debido a una interpretaci\\u00f3n octal inesperada. Esto afecta a net.ParseIP y net.ParseCIDR\"}]",
"id": "CVE-2021-29923",
"lastModified": "2024-11-21T06:01:59.570",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-08-07T17:15:07.067",
"references": "[{\"url\": \"https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/golang/go/issues/30999\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/golang/go/issues/43389\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://go-review.googlesource.com/c/go/+/325829/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://golang.org/pkg/net/#ParseCIDR\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.gentoo.org/glsa/202208-02\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/golang/go/issues/30999\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/golang/go/issues/43389\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://go-review.googlesource.com/c/go/+/325829/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://golang.org/pkg/net/#ParseCIDR\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/202208-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-29923\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-08-07T17:15:07.067\",\"lastModified\":\"2024-11-21T06:01:59.570\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.\"},{\"lang\":\"es\",\"value\":\"Go versiones anteriores a 1.17, no considera apropiadamente los caracteres cero extra\u00f1os al principio de un octeto de direcci\u00f3n IP, lo que (en algunas situaciones) permite a atacantes omitir el control de acceso que es basado en las direcciones IP, debido a una interpretaci\u00f3n octal inesperada. Esto afecta a net.ParseIP y net.ParseCIDR\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17\",\"matchCriteriaId\":\"D39D5C21-8281-429F-AC33-CE39821CA3EC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"21.1.1.1.0\",\"matchCriteriaId\":\"20290BBC-E3C9-4B96-94FE-2DFADD4BF1F1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}],\"references\":[{\"url\":\"https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/golang/go/issues/30999\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/golang/go/issues/43389\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://go-review.googlesource.com/c/go/+/325829/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://golang.org/pkg/net/#ParseCIDR\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202208-02\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/golang/go/issues/30999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/golang/go/issues/43389\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://go-review.googlesource.com/c/go/+/325829/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://golang.org/pkg/net/#ParseCIDR\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202208-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2024-AVI-0145
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Db2 | IBM Cloud APM, Advanced Private versions 8.1.4 sans le dernier correctif de sécurité Fixpack cumulatif Db2 | ||
| IBM | QRadar Suite Software | QRadar Suite Software versions 1.10.x.x antérieures à 1.10.18.0 | ||
| IBM | N/A | IBM Db2 sur Cloud Pak pour Data et Db2 Warehouse sur Cloud Pak for Data versions antérieures à v4.8.2 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP7 IF05 | ||
| IBM | QRadar | IBM QRadar Use Case Manager App versions antérieures à 3.9.0 | ||
| IBM | WebSphere | IBM WebSphere Application Server versions 8.5.x.x sans le SDK version 8 Service Refresh 8 FP20 | ||
| IBM | WebSphere | IBM WebSphere Application Server Liberty sans le SDK version 8 Service Refresh 8 FP20 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services versions 6.1.x.x antérieures à 6.1.0.23 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services versions 6.3.x.x antérieures à 6.3.0.6 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services versions 6.2.x.x antérieures à 6.2.0.22 | ||
| IBM | Db2 | IBM Cloud APM, Base Private versions 8.1.4 sans le dernier correctif de sécurité Fixpack cumulatif Db2 | ||
| IBM | Cloud Pak | IBM Cloud Pak for Security versions 1.10.x.x antérieures à 1.10.18.0 | ||
| IBM | Spectrum | IBM Spectrum Scale versions 5.1.x.x antérieures à 5.1.2.15 | ||
| IBM | WebSphere | IBM WebSphere Application Server versions 9.x sans le SDK version 8 Service Refresh 8 FP20 | ||
| IBM | QRadar WinCollect Agent | IBM QRadar WinCollect Agent versions 10.0.x antérieures à 10.1.9 | ||
| IBM | Spectrum | IBM Spectrum Scale versions 5.1.3.x antérieures à 5.1.9.2 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Cloud APM, Advanced Private versions 8.1.4 sans le dernier correctif de s\u00e9curit\u00e9 Fixpack cumulatif Db2",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.18.0",
"product": {
"name": "QRadar Suite Software",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 sur Cloud Pak pour Data et Db2 Warehouse sur Cloud Pak for Data versions ant\u00e9rieures \u00e0 v4.8.2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP7 IF05",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Use Case Manager App versions ant\u00e9rieures \u00e0 3.9.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server versions 8.5.x.x sans le SDK version 8 Service Refresh 8 FP20",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server Liberty sans le SDK version 8 Service Refresh 8 FP20",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct Web Services versions 6.1.x.x ant\u00e9rieures \u00e0 6.1.0.23",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct Web Services versions 6.3.x.x ant\u00e9rieures \u00e0 6.3.0.6",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct Web Services versions 6.2.x.x ant\u00e9rieures \u00e0 6.2.0.22",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cloud APM, Base Private versions 8.1.4 sans le dernier correctif de s\u00e9curit\u00e9 Fixpack cumulatif Db2",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.18.0",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Scale versions 5.1.x.x ant\u00e9rieures \u00e0 5.1.2.15",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server versions 9.x sans le SDK version 8 Service Refresh 8 FP20",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar WinCollect Agent versions 10.0.x ant\u00e9rieures \u00e0 10.1.9",
"product": {
"name": "QRadar WinCollect Agent",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Scale versions 5.1.3.x ant\u00e9rieures \u00e0 5.1.9.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2015-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2327"
},
{
"name": "CVE-2023-6681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6681"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-49082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49082"
},
{
"name": "CVE-2015-8383",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8383"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2023-45142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45142"
},
{
"name": "CVE-2023-34053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34053"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2023-46308",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46308"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-47747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47747"
},
{
"name": "CVE-2023-47158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47158"
},
{
"name": "CVE-2022-23529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23529"
},
{
"name": "CVE-2023-34054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34054"
},
{
"name": "CVE-2023-30991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30991"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-46167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46167"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2023-38740",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38740"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2021-33196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33196"
},
{
"name": "CVE-2021-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
},
{
"name": "CVE-2023-38719",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38719"
},
{
"name": "CVE-2023-30987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30987"
},
{
"name": "CVE-2023-45178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45178"
},
{
"name": "CVE-2023-47701",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47701"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2023-23936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
},
{
"name": "CVE-2023-50308",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50308"
},
{
"name": "CVE-2021-33198",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
},
{
"name": "CVE-2023-40687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40687"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2015-8381",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8381"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2015-8392",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8392"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2020-28367",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28367"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-44270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
},
{
"name": "CVE-2015-8395",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8395"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2015-8393",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8393"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-23541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23541"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2023-47627",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47627"
},
{
"name": "CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2023-26115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26115"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-32559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32559"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2023-4586",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4586"
},
{
"name": "CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"name": "CVE-2023-40373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40373"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2023-38728",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38728"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2021-33197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2022-29244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
},
{
"name": "CVE-2021-27918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2023-47746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47746"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"name": "CVE-2021-22947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"name": "CVE-2021-22922",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
},
{
"name": "CVE-2022-23540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23540"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2023-42795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42795"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2023-37276",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37276"
},
{
"name": "CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2023-38720",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38720"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"name": "CVE-2023-47141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47141"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"name": "CVE-2015-8388",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8388"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2023-40692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40692"
},
{
"name": "CVE-2021-41190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41190"
},
{
"name": "CVE-2023-45193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45193"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2023-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38003"
},
{
"name": "CVE-2023-45648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45648"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2023-47145",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47145"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-22190",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22190"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2023-39976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39976"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2020-8244",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2020-19909",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
},
{
"name": "CVE-2022-48337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48337"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2023-44981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2022-23539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23539"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2015-8385",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8385"
},
{
"name": "CVE-2015-8394",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8394"
},
{
"name": "CVE-2020-29510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29510"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2015-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8391"
},
{
"name": "CVE-2015-8386",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8386"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-48339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48339"
},
{
"name": "CVE-2015-8387",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8387"
},
{
"name": "CVE-2023-49081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49081"
},
{
"name": "CVE-2021-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3114"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2022-43548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43548"
},
{
"name": "CVE-2023-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38727"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2023-23919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
},
{
"name": "CVE-2020-24553",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24553"
},
{
"name": "CVE-2023-29258",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29258"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2023-34062",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34062"
},
{
"name": "CVE-2020-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2022-36046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36046"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2021-33194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2002-0059",
"url": "https://www.cve.org/CVERecord?id=CVE-2002-0059"
},
{
"name": "CVE-2023-43020",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43020"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2023-27859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27859"
},
{
"name": "CVE-2023-32731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32731"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2021-22926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
},
{
"name": "CVE-2015-2328",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2328"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2023-32006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32006"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2023-36665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36665"
},
{
"name": "CVE-2023-46158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
},
{
"name": "CVE-2021-22923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2023-40374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40374"
},
{
"name": "CVE-2015-8390",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8390"
},
{
"name": "CVE-2023-46589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46589"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"name": "CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2020-14039",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14039"
},
{
"name": "CVE-2023-40372",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40372"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-47152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47152"
},
{
"name": "CVE-2023-32002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32002"
},
{
"name": "CVE-2020-28366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28366"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2021-33195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0145",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une ex\u00e9cution de code arbitraire \u00e0 distance et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117872 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117872"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7118592 du 16 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7118592"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117873 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117873"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7118289 du 15 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7118289"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7118351 du 15 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7118351"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117821 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117821"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117883 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117883"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117881 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117881"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117884 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117884"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
FKIE_CVE-2021-29923
Vulnerability from fkie_nvd - Published: 2021-08-07 17:15 - Updated: 2024-11-21 06:01
Severity
Summary
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis | Third Party Advisory | |
| cve@mitre.org | https://github.com/golang/go/issues/30999 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/golang/go/issues/43389 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md | Exploit, Third Party Advisory | |
| cve@mitre.org | https://go-review.googlesource.com/c/go/+/325829/ | Patch, Third Party Advisory | |
| cve@mitre.org | https://golang.org/pkg/net/#ParseCIDR | Vendor Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/ | ||
| cve@mitre.org | https://security.gentoo.org/glsa/202208-02 | Third Party Advisory | |
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/golang/go/issues/30999 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/golang/go/issues/43389 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://go-review.googlesource.com/c/go/+/325829/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://golang.org/pkg/net/#ParseCIDR | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202208-02 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujan2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| golang | go | * | |
| oracle | timesten_in-memory_database | * | |
| fedoraproject | fedora | 36 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D39D5C21-8281-429F-AC33-CE39821CA3EC",
"versionEndExcluding": "1.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20290BBC-E3C9-4B96-94FE-2DFADD4BF1F1",
"versionEndExcluding": "21.1.1.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
},
{
"lang": "es",
"value": "Go versiones anteriores a 1.17, no considera apropiadamente los caracteres cero extra\u00f1os al principio de un octeto de direcci\u00f3n IP, lo que (en algunas situaciones) permite a atacantes omitir el control de acceso que es basado en las direcciones IP, debido a una interpretaci\u00f3n octal inesperada. Esto afecta a net.ParseIP y net.ParseCIDR"
}
],
"id": "CVE-2021-29923",
"lastModified": "2024-11-21T06:01:59.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-07T17:15:07.067",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/30999"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/43389"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/30999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/43389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-38H6-VXP4-QXVM
Vulnerability from github – Published: 2022-05-24 19:10 – Updated: 2022-05-24 19:10
VLAI
Details
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.
Severity
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2021-29923"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-07T17:15:00Z",
"severity": "HIGH"
},
"details": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.",
"id": "GHSA-38h6-vxp4-qxvm",
"modified": "2022-05-24T19:10:21Z",
"published": "2022-05-24T19:10:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"type": "WEB",
"url": "https://github.com/golang/go/issues/30999"
},
{
"type": "WEB",
"url": "https://github.com/golang/go/issues/43389"
},
{
"type": "WEB",
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"type": "WEB",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"type": "WEB",
"url": "https://go-review.googlesource.com/c/go/+/325829"
},
{
"type": "WEB",
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2021-29923
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-29923",
"description": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.",
"id": "GSD-2021-29923",
"references": [
"https://www.suse.com/security/cve/CVE-2021-29923.html",
"https://access.redhat.com/errata/RHSA-2022:0561",
"https://access.redhat.com/errata/RHSA-2022:0557",
"https://access.redhat.com/errata/RHSA-2022:0434",
"https://access.redhat.com/errata/RHSA-2022:0432",
"https://access.redhat.com/errata/RHSA-2022:0431",
"https://access.redhat.com/errata/RHSA-2022:0318",
"https://access.redhat.com/errata/RHSA-2022:0260",
"https://access.redhat.com/errata/RHSA-2022:0237",
"https://access.redhat.com/errata/RHSA-2021:4914",
"https://access.redhat.com/errata/RHSA-2021:4910",
"https://access.redhat.com/errata/RHSA-2021:4902",
"https://access.redhat.com/errata/RHSA-2021:4725",
"https://access.redhat.com/errata/RHSA-2021:4722",
"https://access.redhat.com/errata/RHSA-2021:3585",
"https://access.redhat.com/errata/RHSA-2021:3431",
"https://security.archlinux.org/CVE-2021-29923",
"https://access.redhat.com/errata/RHSA-2022:0577",
"https://access.redhat.com/errata/RHSA-2022:0947",
"https://access.redhat.com/errata/RHSA-2022:0988",
"https://access.redhat.com/errata/RHSA-2022:0989",
"https://access.redhat.com/errata/RHSA-2022:0997",
"https://access.redhat.com/errata/RHSA-2022:0998",
"https://access.redhat.com/errata/RHSA-2022:1276",
"https://access.redhat.com/errata/RHSA-2022:1372",
"https://linux.oracle.com/cve/CVE-2021-29923.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-29923"
],
"details": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.",
"id": "GSD-2021-29923",
"modified": "2023-12-13T01:23:36.622313Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://golang.org/pkg/net/#ParseCIDR",
"refsource": "MISC",
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis",
"refsource": "MISC",
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"name": "https://github.com/golang/go/issues/43389",
"refsource": "MISC",
"url": "https://github.com/golang/go/issues/43389"
},
{
"name": "https://github.com/golang/go/issues/30999",
"refsource": "MISC",
"url": "https://github.com/golang/go/issues/30999"
},
{
"name": "https://go-review.googlesource.com/c/go/+/325829/",
"refsource": "MISC",
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md",
"refsource": "MISC",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "FEDORA-2022-17d004ed71",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202208-02"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.17",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:timesten_in-memory_database:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.1.1.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29923"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/golang/go/issues/43389",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/43389"
},
{
"name": "https://github.com/golang/go/issues/30999",
"refsource": "MISC",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/golang/go/issues/30999"
},
{
"name": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis"
},
{
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md"
},
{
"name": "https://golang.org/pkg/net/#ParseCIDR",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://golang.org/pkg/net/#ParseCIDR"
},
{
"name": "https://go-review.googlesource.com/c/go/+/325829/",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://go-review.googlesource.com/c/go/+/325829/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "FEDORA-2022-17d004ed71",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/"
},
{
"name": "GLSA-202208-02",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-09-14T21:11Z",
"publishedDate": "2021-08-07T17:15Z"
}
}
}
MSRC_CVE-2021-29923
Vulnerability from csaf_microsoft - Published: 2021-08-02 00:00 - Updated: 2026-02-18 14:02Summary
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet which (in some situations) allows attackers to bypass access control that is based on IP addresses because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 19007-16820 | — | ||
| Unresolved product id: 17021-17084 | — | ||
| Unresolved product id: 19696-17084 | — |
Known affected
3 products
Known not affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-1 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2021-29923 Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet which (in some situations) allows attackers to bypass access control that is based on IP addresses because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-29923.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet which (in some situations) allows attackers to bypass access control that is based on IP addresses because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.",
"tracking": {
"current_release_date": "2026-02-18T14:02:27.000Z",
"generator": {
"date": "2026-02-21T02:07:26.058Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2021-29923",
"initial_release_date": "2021-08-02T00:00:00.000Z",
"revision_history": [
{
"date": "2021-08-18T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2024-08-29T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Information published."
},
{
"date": "2024-08-30T00:00:00.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Information published."
},
{
"date": "2024-08-31T00:00:00.000Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Information published."
},
{
"date": "2024-09-01T00:00:00.000Z",
"legacy_version": "1.4",
"number": "5",
"summary": "Information published."
},
{
"date": "2024-09-02T00:00:00.000Z",
"legacy_version": "1.5",
"number": "6",
"summary": "Information published."
},
{
"date": "2024-09-03T00:00:00.000Z",
"legacy_version": "1.6",
"number": "7",
"summary": "Information published."
},
{
"date": "2024-09-05T00:00:00.000Z",
"legacy_version": "1.7",
"number": "8",
"summary": "Information published."
},
{
"date": "2024-09-06T00:00:00.000Z",
"legacy_version": "1.8",
"number": "9",
"summary": "Information published."
},
{
"date": "2024-09-07T00:00:00.000Z",
"legacy_version": "1.9",
"number": "10",
"summary": "Information published."
},
{
"date": "2024-09-08T00:00:00.000Z",
"legacy_version": "2",
"number": "11",
"summary": "Information published."
},
{
"date": "2024-09-11T00:00:00.000Z",
"legacy_version": "2.1",
"number": "12",
"summary": "Information published."
},
{
"date": "2026-02-18T14:02:27.000Z",
"legacy_version": "2.2",
"number": "13",
"summary": "Information published."
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 golang 1.16.7-1",
"product": {
"name": "\u003ccm1 golang 1.16.7-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cm1 golang 1.16.7-1",
"product": {
"name": "cm1 golang 1.16.7-1",
"product_id": "19007"
}
}
],
"category": "product_name",
"name": "golang"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 python-tensorboard 2.16.2-2",
"product": {
"name": "\u003cazl3 python-tensorboard 2.16.2-2",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "azl3 python-tensorboard 2.16.2-2",
"product": {
"name": "azl3 python-tensorboard 2.16.2-2",
"product_id": "17021"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 python-tensorboard 2.11.0-3",
"product": {
"name": "\u003cazl3 python-tensorboard 2.11.0-3",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 python-tensorboard 2.11.0-3",
"product": {
"name": "azl3 python-tensorboard 2.11.0-3",
"product_id": "19696"
}
}
],
"category": "product_name",
"name": "python-tensorboard"
},
{
"category": "product_name",
"name": "azl3 golang 1.24.3-1",
"product": {
"name": "azl3 golang 1.24.3-1",
"product_id": "1"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 golang 1.16.7-1 as a component of CBL Mariner 1.0",
"product_id": "16820-3"
},
"product_reference": "3",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 golang 1.16.7-1 as a component of CBL Mariner 1.0",
"product_id": "19007-16820"
},
"product_reference": "19007",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 python-tensorboard 2.16.2-2 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 2.16.2-2 as a component of Azure Linux 3.0",
"product_id": "17021-17084"
},
"product_reference": "17021",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 golang 1.24.3-1 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 python-tensorboard 2.11.0-3 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 2.11.0-3 as a component of Azure Linux 3.0",
"product_id": "19696-17084"
},
"product_reference": "19696",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-1"
]
}
],
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"19007-16820",
"17021-17084",
"19696-17084"
],
"known_affected": [
"16820-3",
"17084-4",
"17084-2"
],
"known_not_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-29923 Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet which (in some situations) allows attackers to bypass access control that is based on IP addresses because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2021-29923.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2021-08-18T00:00:00.000Z",
"details": "1.16.7-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2021-08-18T00:00:00.000Z",
"details": "2.16.2-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-4",
"17084-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"16820-3",
"17084-4",
"17084-2"
]
}
],
"title": "Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet which (in some situations) allows attackers to bypass access control that is based on IP addresses because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR."
}
]
}
RHSA-2021:3431
Vulnerability from csaf_redhat - Published: 2021-09-07 08:38 - Updated: 2026-04-29 18:00Summary
Red Hat Security Advisory: go-toolset-1.15-golang security update
Severity
Moderate
Notes
Topic: An update for go-toolset-1.15-golang is now available for Red Hat Developer Tools.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: net: lookup functions may return invalid host names (CVE-2021-33195)
* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.3 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.
7.5 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.
5.3 (Medium)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
20 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2021:3431 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1989564 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1989570 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1992006 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2021-29923 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1992006 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-29923 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-29923 | external |
| https://sick.codes/sick-2021-016/ | external |
| https://access.redhat.com/security/cve/CVE-2021-33195 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1989564 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-33195 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-33195 | external |
| https://groups.google.com/g/golang-announce/c/RgC… | external |
| https://access.redhat.com/security/cve/CVE-2021-33197 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1989570 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-33197 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-33197 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for go-toolset-1.15-golang is now available for Red Hat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: net: lookup functions may return invalid host names (CVE-2021-33195)\n\n* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3431",
"url": "https://access.redhat.com/errata/RHSA-2021:3431"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3431.json"
}
],
"title": "Red Hat Security Advisory: go-toolset-1.15-golang security update",
"tracking": {
"current_release_date": "2026-04-29T18:00:24+00:00",
"generator": {
"date": "2026-04-29T18:00:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2021:3431",
"initial_release_date": "2021-09-07T08:38:58+00:00",
"revision_history": [
{
"date": "2021-09-07T08:38:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-09-07T08:38:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-29T18:00:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devtools:2021"
}
}
},
{
"category": "product_name",
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devtools:2021"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Tools"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"product": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"product_id": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang@1.15.14-2.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-bin@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-misc@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-race@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-src@1.15.14-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"product": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"product_id": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-tests@1.15.14-2.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang@1.15.14-2.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-bin@1.15.14-2.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-misc@1.15.14-2.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-src@1.15.14-2.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"product": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"product_id": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-tests@1.15.14-2.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang@1.15.14-2.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-bin@1.15.14-2.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-misc@1.15.14-2.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-src@1.15.14-2.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"product": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"product_id": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-tests@1.15.14-2.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"product": {
"name": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"product_id": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset-1.15-golang-docs@1.15.14-2.el7_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch"
},
"product_reference": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch"
},
"product_reference": "go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64 as a component of Red Hat Developer Tools for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
},
"product_reference": "go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-DevTools-2021.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-09-07T08:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3431"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-33195",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989564"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in the net package and methods on the Resolver type, may return arbitrary values retrieved from DNS, allowing injection of unexpected contents. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: lookup functions may return invalid host names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33195"
},
{
"category": "external",
"summary": "RHBZ#1989564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989564"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33195"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-09-07T08:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3431"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: lookup functions may return invalid host names"
},
{
"cve": "CVE-2021-33197",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1989570"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Since OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* For Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the golang-qpid-apache package.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF, no updates will be provided at this time for the STF containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-33197"
},
{
"category": "external",
"summary": "RHBZ#1989570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1989570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-33197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI",
"url": "https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"
}
],
"release_date": "2021-05-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-09-07T08:38:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3431"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Server-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.src",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-bin-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-docs-0:1.15.14-2.el7_9.noarch",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-misc-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-race-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-src-0:1.15.14-2.el7_9.x86_64",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.ppc64le",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.s390x",
"7Workstation-DevTools-2021.2:go-toolset-1.15-golang-tests-0:1.15.14-2.el7_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty"
}
]
}
RHSA-2021:3585
Vulnerability from csaf_redhat - Published: 2021-09-21 10:07 - Updated: 2026-04-29 18:00Summary
Red Hat Security Advisory: go-toolset:rhel8 security update
Severity
Moderate
Notes
Topic: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.3 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.4.0.Z.MAIN.EUS:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
10 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2021:3585 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/documentation/en-us/red… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1992006 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2021-29923 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1992006 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-29923 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-29923 | external |
| https://sick.codes/sick-2021-016/ | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:3585",
"url": "https://access.redhat.com/errata/RHSA-2021:3585"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_developer_tools/1/html/using_go_1.15.7_toolset",
"url": "https://access.redhat.com/documentation/en-us/red_hat_developer_tools/1/html/using_go_1.15.7_toolset"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3585.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2026-04-29T18:00:24+00:00",
"generator": {
"date": "2026-04-29T18:00:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2021:3585",
"initial_release_date": "2021-09-21T10:07:10+00:00",
"revision_history": [
{
"date": "2021-09-21T10:07:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-09-21T10:07:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-29T18:00:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=src\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src (go-toolset:rhel8)",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=src\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src (go-toolset:rhel8)",
"product_id": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.5.0-2.module%2Bel8.4.0%2B8864%2B58b0fcdb?arch=src\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=noarch\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=noarch\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=noarch\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=noarch\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=s390x\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=s390x\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=s390x\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.5.0-2.module%2Bel8.4.0%2B8864%2B58b0fcdb?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.5.0-2.module%2Bel8.4.0%2B8864%2B58b0fcdb?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.5.0-2.module%2Bel8.4.0%2B8864%2B58b0fcdb?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.15.14-2.module%2Bel8.4.0%2B12542%2Be3fec473?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8040020210909125047:5081a262"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-09-21T10:07:10+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:3585"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-debuginfo-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:delve-debugsource-0:1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:go-toolset-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.src::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.aarch64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.ppc64le::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.s390x::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-bin-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-docs-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-misc-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-race-0:1.15.14-2.module+el8.4.0+12542+e3fec473.x86_64::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-src-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8",
"AppStream-8.4.0.Z.MAIN.EUS:golang-tests-0:1.15.14-2.module+el8.4.0+12542+e3fec473.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
}
]
}
RHSA-2021:4722
Vulnerability from csaf_redhat - Published: 2021-11-17 15:38 - Updated: 2026-04-29 18:00Summary
Red Hat Security Advisory: OpenShift Virtualization 2.6.8 RPMs security and bug fix update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Virtualization release 2.6.8 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains OpenShift Virtualization 2.6.8 RPMs.
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.3 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0–1.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.
6.5 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
References
17 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2021:4722 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1983596 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1992006 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2012329 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2021-29923 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1992006 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-29923 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-29923 | external |
| https://sick.codes/sick-2021-016/ | external |
| https://access.redhat.com/security/cve/CVE-2021-34558 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1983596 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-34558 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-34558 | external |
| https://golang.org/doc/devel/release#go1.15.minor | external |
| https://golang.org/doc/devel/release#go1.16.minor | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 2.6.8 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform. \n\nThis advisory contains OpenShift Virtualization 2.6.8 RPMs.\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4722",
"url": "https://access.redhat.com/errata/RHSA-2021:4722"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "2012329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012329"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4722.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 2.6.8 RPMs security and bug fix update",
"tracking": {
"current_release_date": "2026-04-29T18:00:25+00:00",
"generator": {
"date": "2026-04-29T18:00:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2021:4722",
"initial_release_date": "2021-11-17T15:38:20+00:00",
"revision_history": [
{
"date": "2021-11-17T15:38:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-17T15:38:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-29T18:00:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 2.6 for RHEL 8",
"product": {
"name": "CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "CNV 2.6 for RHEL 7",
"product": {
"name": "CNV 2.6 for RHEL 7",
"product_id": "7Server-CNV-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el7"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-0:2.6.8-211.el8.src",
"product": {
"name": "kubevirt-0:2.6.8-211.el8.src",
"product_id": "kubevirt-0:2.6.8-211.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt@2.6.8-211.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "kubevirt-0:2.6.8-211.el7.src",
"product": {
"name": "kubevirt-0:2.6.8-211.el7.src",
"product_id": "kubevirt-0:2.6.8-211.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt@2.6.8-211.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"product": {
"name": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"product_id": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl@2.6.8-211.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64",
"product": {
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64",
"product_id": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl-redistributable@2.6.8-211.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"product": {
"name": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"product_id": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl@2.6.8-211.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"product": {
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"product_id": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubevirt-virtctl-redistributable@2.6.8-211.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-0:2.6.8-211.el7.src as a component of CNV 2.6 for RHEL 7",
"product_id": "7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src"
},
"product_reference": "kubevirt-0:2.6.8-211.el7.src",
"relates_to_product_reference": "7Server-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64 as a component of CNV 2.6 for RHEL 7",
"product_id": "7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64"
},
"product_reference": "kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"relates_to_product_reference": "7Server-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64 as a component of CNV 2.6 for RHEL 7",
"product_id": "7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64"
},
"product_reference": "kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"relates_to_product_reference": "7Server-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-0:2.6.8-211.el8.src as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src"
},
"product_reference": "kubevirt-0:2.6.8-211.el8.src",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64"
},
"product_reference": "kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
},
"product_reference": "kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64",
"relates_to_product_reference": "8Base-CNV-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-17T15:38:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4722"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-17T15:38:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4722"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-CNV-2.6:kubevirt-0:2.6.8-211.el7.src",
"7Server-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el7.x86_64",
"7Server-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el7.x86_64",
"8Base-CNV-2.6:kubevirt-0:2.6.8-211.el8.src",
"8Base-CNV-2.6:kubevirt-virtctl-0:2.6.8-211.el8.x86_64",
"8Base-CNV-2.6:kubevirt-virtctl-redistributable-0:2.6.8-211.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
}
]
}
RHSA-2021:4725
Vulnerability from csaf_redhat - Published: 2021-11-17 18:39 - Updated: 2026-04-29 18:00Summary
Red Hat Security Advisory: OpenShift Virtualization 2.6.8 Images security and bug fix update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Virtualization release 2.6.8 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 2.6.8 images:
RHEL-8-CNV-2.6
==============
kubevirt-v2v-conversion-container-v2.6.8-1
hyperconverged-cluster-webhook-container-v2.6.8-1
vm-import-controller-container-v2.6.8-1
kubevirt-cpu-model-nfd-plugin-container-v2.6.8-2
vm-import-operator-container-v2.6.8-1
kubevirt-cpu-node-labeller-container-v2.6.8-1
kubevirt-ssp-operator-container-v2.6.8-1
kubemacpool-container-v2.6.8-1
cluster-network-addons-operator-container-v2.6.8-1
virt-cdi-cloner-container-v2.6.8-1
virt-cdi-uploadproxy-container-v2.6.8-1
kubernetes-nmstate-handler-container-v2.6.8-1
ovs-cni-plugin-container-v2.6.8-1
ovs-cni-marker-container-v2.6.8-1
hostpath-provisioner-operator-container-v2.6.8-1
kubevirt-vmware-container-v2.6.8-2
kubevirt-template-validator-container-v2.6.8-2
kubevirt-kvm-info-nfd-plugin-container-v2.6.8-1
node-maintenance-operator-container-v2.6.8-1
vm-import-virtv2v-container-v2.6.8-1
hostpath-provisioner-container-v2.6.8-1
virt-cdi-uploadserver-container-v2.6.8-1
cnv-containernetworking-plugins-container-v2.6.8-1
virtio-win-container-v2.6.8-2
virt-cdi-controller-container-v2.6.8-1
virt-cdi-importer-container-v2.6.8-1
virt-cdi-apiserver-container-v2.6.8-1
virt-cdi-operator-container-v2.6.8-1
bridge-marker-container-v2.6.8-1
hyperconverged-cluster-operator-container-v2.6.8-1
cnv-must-gather-container-v2.6.8-5
virt-launcher-container-v2.6.8-5
virt-operator-container-v2.6.8-5
virt-api-container-v2.6.8-5
virt-controller-container-v2.6.8-5
virt-handler-container-v2.6.8-5
hco-bundle-registry-container-v2.6.8-23
Security Fix(es):
* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0–1.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.
6.5 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
21 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2021:4725 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1983596 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1992006 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1998844 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2008522 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2010334 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2012328 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2013494 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2021-29923 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1992006 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-29923 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-29923 | external |
| https://sick.codes/sick-2021-016/ | external |
| https://access.redhat.com/security/cve/CVE-2021-34558 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1983596 | external |
| https://www.cve.org/CVERecord?id=CVE-2021-34558 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-34558 | external |
| https://golang.org/doc/devel/release#go1.15.minor | external |
| https://golang.org/doc/devel/release#go1.16.minor | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 2.6.8 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 2.6.8 images:\n\nRHEL-8-CNV-2.6\n==============\nkubevirt-v2v-conversion-container-v2.6.8-1\nhyperconverged-cluster-webhook-container-v2.6.8-1\nvm-import-controller-container-v2.6.8-1\nkubevirt-cpu-model-nfd-plugin-container-v2.6.8-2\nvm-import-operator-container-v2.6.8-1\nkubevirt-cpu-node-labeller-container-v2.6.8-1\nkubevirt-ssp-operator-container-v2.6.8-1\nkubemacpool-container-v2.6.8-1\ncluster-network-addons-operator-container-v2.6.8-1\nvirt-cdi-cloner-container-v2.6.8-1\nvirt-cdi-uploadproxy-container-v2.6.8-1\nkubernetes-nmstate-handler-container-v2.6.8-1\novs-cni-plugin-container-v2.6.8-1\novs-cni-marker-container-v2.6.8-1\nhostpath-provisioner-operator-container-v2.6.8-1\nkubevirt-vmware-container-v2.6.8-2\nkubevirt-template-validator-container-v2.6.8-2\nkubevirt-kvm-info-nfd-plugin-container-v2.6.8-1\nnode-maintenance-operator-container-v2.6.8-1\nvm-import-virtv2v-container-v2.6.8-1\nhostpath-provisioner-container-v2.6.8-1\nvirt-cdi-uploadserver-container-v2.6.8-1\ncnv-containernetworking-plugins-container-v2.6.8-1\nvirtio-win-container-v2.6.8-2\nvirt-cdi-controller-container-v2.6.8-1\nvirt-cdi-importer-container-v2.6.8-1\nvirt-cdi-apiserver-container-v2.6.8-1\nvirt-cdi-operator-container-v2.6.8-1\nbridge-marker-container-v2.6.8-1\nhyperconverged-cluster-operator-container-v2.6.8-1\ncnv-must-gather-container-v2.6.8-5\nvirt-launcher-container-v2.6.8-5\nvirt-operator-container-v2.6.8-5\nvirt-api-container-v2.6.8-5\nvirt-controller-container-v2.6.8-5\nvirt-handler-container-v2.6.8-5\nhco-bundle-registry-container-v2.6.8-23\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:4725",
"url": "https://access.redhat.com/errata/RHSA-2021:4725"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "1998844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998844"
},
{
"category": "external",
"summary": "2008522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2008522"
},
{
"category": "external",
"summary": "2010334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010334"
},
{
"category": "external",
"summary": "2012328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012328"
},
{
"category": "external",
"summary": "2013494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013494"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4725.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 2.6.8 Images security and bug fix update",
"tracking": {
"current_release_date": "2026-04-29T18:00:26+00:00",
"generator": {
"date": "2026-04-29T18:00:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2021:4725",
"initial_release_date": "2021-11-17T18:39:29+00:00",
"revision_history": [
{
"date": "2021-11-17T18:39:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-11-17T18:39:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-29T18:00:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 2.6 for RHEL 8",
"product": {
"name": "CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-model-nfd-plugin\u0026tag=v2.6.8-2"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-node-labeller\u0026tag=v2.6.8-1"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"product_id": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-kvm-info-nfd-plugin\u0026tag=v2.6.8-1"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product_id": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller\u0026tag=v2.6.8-1"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v2.6.8-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-29923",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1992006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Extraneous zero characters at the beginning of an IP address octet are not properly considered which could allow an attacker to bypass IP-based access controls. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability potentially affects any component written in Go that uses the net standard library and ParseIP / ParseCIDR functions. There are components which might not use these functions or might use them to parse IP addresses and not manage them in any way (only store information about the ip address) . This reduces the severity of this vulnerability to Low for the following offerings:\n* OpenShift distributed tracing (formerly OpenShift Jaeger)\n* OpenShift Migration Toolkit for Containers\n* OpenShift Container Platform",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64"
],
"known_not_affected": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29923"
},
{
"category": "external",
"summary": "RHBZ#1992006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29923"
},
{
"category": "external",
"summary": "https://sick.codes/sick-2021-016/",
"url": "https://sick.codes/sick-2021-016/"
}
],
"release_date": "2021-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-17T18:39:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet"
},
{
"cve": "CVE-2021-34558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1983596"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate\u0027s private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0\u20131.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* This vulnerability potentially affects any component written in Go that uses crypto/tls from the standard library. It is possible for components that make client connections to malicious servers to be exploited, however the maximum impact is a crash. This vulnerability is rated Low for the following components: \n - OpenShift Container Platform\n - OpenShift distributed tracing (formerly OpenShift Jaeger)\n - OpenShift Migration Toolkit for Containers\n - Red Hat Advanced Cluster Management for Kubernetes\n - Red Hat OpenShift on AWS\n - Red Hat OpenShift Virtualization\n\n* Because OpenShift Container Platform 3.11 is in Maintenance Phase of the support, only Important and Critical severity vulnerabilities will be addressed at this time.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s containers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-34558"
},
{
"category": "external",
"summary": "RHBZ#1983596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-34558"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.15.minor",
"url": "https://golang.org/doc/devel/release#go1.15.minor"
},
{
"category": "external",
"summary": "https://golang.org/doc/devel/release#go1.16.minor",
"url": "https://golang.org/doc/devel/release#go1.16.minor"
}
],
"release_date": "2021-07-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-11-17T18:39:29+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:4725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:1c1628b639e26d05faf413c775d22d4a0ddd51d033473f740b2741b3d81e1716_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:5888aa247f7e7a1e1e169fc224854527fa314e617d567c4fc6a36666ef783218_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:c4bf7b19fa46e3ce2e43051a9b108662f0061325ab417aaca71b00c3821910eb_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:be60d10cd7bc87227136534878dc750f59da0a97eb2cc74f331e80e681feb098_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: certificate of wrong type is causing TLS client to panic"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…