Vulnerability-Lookup

CVE-2021-39141 (GCVE-0-2021-39141)

Vulnerability from cvelistv5 – Published: 2021-08-23 18:05 – Updated: 2024-08-04 01:58

Title

XStream is vulnerable to an Arbitrary Code Execution attack

Summary

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.

Severity

8.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-434 - Unrestricted Upload of File with Dangerous Type
CWE-502 - Deserialization of Untrusted Data

Assigner

GitHub_M

References

11 references

URL	Tags
https://github.com/x-stream/xstream/security/advi…	x_refsource_CONFIRM
https://x-stream.github.io/CVE-2021-39141.html	x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2021…	mailing-listx_refsource_MLIST
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://www.debian.org/security/2021/dsa-5004	vendor-advisoryx_refsource_DEBIAN
https://www.oracle.com/security-alerts/cpujan2022.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2021092…	x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuapr2022.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpujul2022.html	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
x-stream	xstream	Affected: < 1.4.18

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:58:18.244Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://x-stream.github.io/CVE-2021-39141.html"
          },
          {
            "name": "[debian-lts-announce] 20210929 [SECURITY] [DLA 2769-1] libxstream-java security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00017.html"
          },
          {
            "name": "FEDORA-2021-fbad11014a",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP/"
          },
          {
            "name": "FEDORA-2021-d894ca87dc",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/"
          },
          {
            "name": "FEDORA-2021-5e376c0ed9",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/"
          },
          {
            "name": "DSA-5004",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-5004"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "xstream",
          "vendor": "x-stream",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.4.18"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-434",
              "description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502: Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-25T16:32:30.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://x-stream.github.io/CVE-2021-39141.html"
        },
        {
          "name": "[debian-lts-announce] 20210929 [SECURITY] [DLA 2769-1] libxstream-java security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00017.html"
        },
        {
          "name": "FEDORA-2021-fbad11014a",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP/"
        },
        {
          "name": "FEDORA-2021-d894ca87dc",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/"
        },
        {
          "name": "FEDORA-2021-5e376c0ed9",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/"
        },
        {
          "name": "DSA-5004",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2021/dsa-5004"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        }
      ],
      "source": {
        "advisory": "GHSA-g5w6-mrj7-75h2",
        "discovery": "UNKNOWN"
      },
      "title": "XStream is vulnerable to an Arbitrary Code Execution attack",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-39141",
          "STATE": "PUBLIC",
          "TITLE": "XStream is vulnerable to an Arbitrary Code Execution attack"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "xstream",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 1.4.18"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "x-stream"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-434: Unrestricted Upload of File with Dangerous Type"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-502: Deserialization of Untrusted Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2",
              "refsource": "CONFIRM",
              "url": "https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2"
            },
            {
              "name": "https://x-stream.github.io/CVE-2021-39141.html",
              "refsource": "MISC",
              "url": "https://x-stream.github.io/CVE-2021-39141.html"
            },
            {
              "name": "[debian-lts-announce] 20210929 [SECURITY] [DLA 2769-1] libxstream-java security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00017.html"
            },
            {
              "name": "FEDORA-2021-fbad11014a",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP/"
            },
            {
              "name": "FEDORA-2021-d894ca87dc",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/"
            },
            {
              "name": "FEDORA-2021-5e376c0ed9",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/"
            },
            {
              "name": "DSA-5004",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2021/dsa-5004"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210923-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20210923-0003/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-g5w6-mrj7-75h2",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-39141",
    "datePublished": "2021-08-23T18:05:11.000Z",
    "dateReserved": "2021-08-16T00:00:00.000Z",
    "dateUpdated": "2024-08-04T01:58:18.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-39141",
      "date": "2026-06-19",
      "epss": "0.16245",
      "percentile": "0.9654"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.4.18\", \"matchCriteriaId\": \"C167B4EE-A889-44E0-A745-51B37BEEEA70\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A930E247-0B43-43CB-98FF-6CE7B8189835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*\", \"matchCriteriaId\": \"26A2B713-7D6D-420A-93A4-E0D983C983DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*\", \"matchCriteriaId\": \"64DE38C8-94F1-4860-B045-F33928F676A8\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA8461A2-428C-4817-92A9-0C671545698D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A3622F5-5976-4BBC-A147-FC8A6431EA79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A9E4125-B744-4A9D-BFE6-5D82939958FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"261212BD-125A-487F-97E8-A9587935DFE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4CA84D6-F312-4C29-A02B-050FCB7A902B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6B6FE82-7BFA-481D-99D6-789B146CA18B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4479F76A-4B67-41CC-98C7-C76B81050F8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D299528-8EF0-49AF-9BDE-4B6C6B1DA36C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17A91FD9-9F77-42D3-A4D9-48BC7568ADE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"539DA24F-E3E0-4455-84C6-A9D96CD601B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7637F8B-15F1-42E2-BE18-E1FF7C66587D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E43D793A-7756-4D58-A8ED-72DC4EC9CEA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"490B2C44-CECD-4551-B04F-4076D0E053C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48EFC111-B01B-4C34-87E4-D6B2C40C0122\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"073FEA23-E46A-4C73-9D29-95CFF4F5A59D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A69FB468-EAF3-4E67-95E7-DF92C281C1F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5435B365-BFF3-4A9E-B45C-42D8F1E20FB7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FAC3840-2CF8-44CE-81BB-EEEBDA00A34A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_framework:4.3.0.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"900521A0-453C-4D97-B5EB-BADF0245370D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_framework:4.3.0.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DF02546-3F0D-4FDD-89B1-8A3FE43FB5BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F906F04-39E4-4BE4-8A73-9D058AAADB43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B393A82-476A-4270-A903-38ED4169E431\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85CAE52B-C2CA-4C6B-A0B7-2B9D6F0499E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3ED272C-A545-4F8C-86C0-2736B3F2DCAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6A4F71A-4269-40FC-8F61-1D1301F2B728\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A502118-5B2B-47AE-82EC-1999BD841103\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.\"}, {\"lang\": \"es\", \"value\": \"XStream es una biblioteca sencilla para serializar objetos a XML y viceversa. En las versiones afectadas, esta vulnerabilidad puede permitir que un atacante remoto cargue y ejecute c\\u00f3digo arbitrario desde un host remoto s\\u00f3lo al manipular el flujo de entrada procesado. No est\\u00e1 afectado ning\\u00fan usuario que haya seguido la recomendaci\\u00f3n de configurar el framework de seguridad de XStream con una lista blanca limitada a los tipos m\\u00ednimos necesarios. XStream versi\\u00f3n 1.4.18 ya no usa una lista negra por defecto, ya que no puede ser asegurada para fines generales.\"}]",
      "id": "CVE-2021-39141",
      "lastModified": "2024-11-21T06:18:41.053",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 6.8, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-08-23T18:15:12.010",
      "references": "[{\"url\": \"https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/09/msg00017.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP/\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210923-0003/\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-5004\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://x-stream.github.io/CVE-2021-39141.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/09/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20210923-0003/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-5004\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://x-stream.github.io/CVE-2021-39141.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-434\"}, {\"lang\": \"en\", \"value\": \"CWE-502\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-434\"}, {\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-39141\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2021-08-23T18:15:12.010\",\"lastModified\":\"2025-05-23T16:52:36.523\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.\"},{\"lang\":\"es\",\"value\":\"XStream es una biblioteca sencilla para serializar objetos a XML y viceversa. En las versiones afectadas, esta vulnerabilidad puede permitir que un atacante remoto cargue y ejecute c\u00f3digo arbitrario desde un host remoto s\u00f3lo al manipular el flujo de entrada procesado. No est\u00e1 afectado ning\u00fan usuario que haya seguido la recomendaci\u00f3n de configurar el framework de seguridad de XStream con una lista blanca limitada a los tipos m\u00ednimos necesarios. XStream versi\u00f3n 1.4.18 ya no usa una lista negra por defecto, ya que no puede ser asegurada para fines generales.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:P/I:P/A:P\",\"baseScore\":6.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.8,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"},{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"},{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xstream:xstream:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.18\",\"matchCriteriaId\":\"A01843B3-11E1-4CD5-9C77-CC57B908B845\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*\",\"matchCriteriaId\":\"26A2B713-7D6D-420A-93A4-E0D983C983DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*\",\"matchCriteriaId\":\"64DE38C8-94F1-4860-B045-F33928F676A8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA8461A2-428C-4817-92A9-0C671545698D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A3622F5-5976-4BBC-A147-FC8A6431EA79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A9E4125-B744-4A9D-BFE6-5D82939958FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"261212BD-125A-487F-97E8-A9587935DFE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4CA84D6-F312-4C29-A02B-050FCB7A902B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6B6FE82-7BFA-481D-99D6-789B146CA18B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4479F76A-4B67-41CC-98C7-C76B81050F8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D299528-8EF0-49AF-9BDE-4B6C6B1DA36C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17A91FD9-9F77-42D3-A4D9-48BC7568ADE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"539DA24F-E3E0-4455-84C6-A9D96CD601B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7637F8B-15F1-42E2-BE18-E1FF7C66587D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E43D793A-7756-4D58-A8ED-72DC4EC9CEA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"490B2C44-CECD-4551-B04F-4076D0E053C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEC41EB8-73B4-4BDF-9321-F34EC0BAF9E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48EFC111-B01B-4C34-87E4-D6B2C40C0122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073FEA23-E46A-4C73-9D29-95CFF4F5A59D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69FB468-EAF3-4E67-95E7-DF92C281C1F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5435B365-BFF3-4A9E-B45C-42D8F1E20FB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FAC3840-2CF8-44CE-81BB-EEEBDA00A34A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.3.0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"900521A0-453C-4D97-B5EB-BADF0245370D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.3.0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DF02546-3F0D-4FDD-89B1-8A3FE43FB5BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F906F04-39E4-4BE4-8A73-9D058AAADB43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B393A82-476A-4270-A903-38ED4169E431\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85CAE52B-C2CA-4C6B-A0B7-2B9D6F0499E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3ED272C-A545-4F8C-86C0-2736B3F2DCAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6A4F71A-4269-40FC-8F61-1D1301F2B728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A502118-5B2B-47AE-82EC-1999BD841103\"}]}]}],\"references\":[{\"url\":\"https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/09/msg00017.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210923-0003/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-5004\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://x-stream.github.io/CVE-2021-39141.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/09/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22KVR6B5IZP3BGQ3HPWIO2FWWCKT3DHP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PVPHZA7VW2RRSDCOIPP2W6O5ND254TU7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGXIU3YDPG6OGTDHMBLAFN7BPBERXREB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20210923-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-5004\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://x-stream.github.io/CVE-2021-39141.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}"
  }
}

SUSE-SU-2021:3476-1

Vulnerability from csaf_suse - Published: 2021-10-20 06:42 - Updated: 2021-10-20 06:42

Summary

Security update for xstream

Severity

Important

Notes

Title of the patch: Security update for xstream

Description of the patch: This update for xstream fixes the following issues: - Upgrade to 1.4.18 - CVE-2021-39139: Fixed an issue that allowed an attacker to execute arbitrary code execution by manipulating the processed input stream with type information. (bsc#1189798) - CVE-2021-39140: Fixed an issue that allowed an attacker to execute a DoS attack by manipulating the processed input stream. (bsc#1189798) - CVE-2021-39141: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39144: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39145: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39146: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39147: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39148: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39149: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39150: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798) - CVE-2021-39151: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39152: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798) - CVE-2021-39153: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798) - CVE-2021-39154: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)

Patchnames: SUSE-2021-3476,SUSE-SLE-Module-Development-Tools-15-SP2-2021-3476,SUSE-SLE-Module-Development-Tools-15-SP3-2021-3476,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2021-3476,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2021-3476

CVE-2021-39139

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39140

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39141

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39144

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39145

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39146

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39147

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39148

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39149

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39150

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39151

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39152

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39153

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

CVE-2021-39154

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch	—	Vendor Fix

Threats

Impact important

References

47 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2021…	self
https://bugzilla.suse.com/1189798	self
https://www.suse.com/security/cve/CVE-2021-39139/	self
https://www.suse.com/security/cve/CVE-2021-39140/	self
https://www.suse.com/security/cve/CVE-2021-39141/	self
https://www.suse.com/security/cve/CVE-2021-39144/	self
https://www.suse.com/security/cve/CVE-2021-39145/	self
https://www.suse.com/security/cve/CVE-2021-39146/	self
https://www.suse.com/security/cve/CVE-2021-39147/	self
https://www.suse.com/security/cve/CVE-2021-39148/	self
https://www.suse.com/security/cve/CVE-2021-39149/	self
https://www.suse.com/security/cve/CVE-2021-39150/	self
https://www.suse.com/security/cve/CVE-2021-39151/	self
https://www.suse.com/security/cve/CVE-2021-39152/	self
https://www.suse.com/security/cve/CVE-2021-39153/	self
https://www.suse.com/security/cve/CVE-2021-39154/	self
https://www.suse.com/security/cve/CVE-2021-39139	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39140	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39141	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39144	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39145	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39146	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39147	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39148	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39149	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39150	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39151	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39152	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39153	external
https://bugzilla.suse.com/1189798	external
https://www.suse.com/security/cve/CVE-2021-39154	external
https://bugzilla.suse.com/1189798	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xstream",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xstream fixes the following issues:\n\n- Upgrade to 1.4.18\n- CVE-2021-39139: Fixed an issue that allowed an attacker to execute arbitrary code execution by manipulating the processed input stream with type information. (bsc#1189798)\n- CVE-2021-39140: Fixed an issue that allowed an attacker to execute a DoS attack by manipulating the processed input stream. (bsc#1189798)\n- CVE-2021-39141: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n- CVE-2021-39144: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n- CVE-2021-39145: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n- CVE-2021-39146: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n- CVE-2021-39147: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n- CVE-2021-39148: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n- CVE-2021-39149: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n- CVE-2021-39150: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798)\n- CVE-2021-39151: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n- CVE-2021-39152: Fixed an issue that allowed an attacker to access protected resources hosted within the intranet or in the host itself. (bsc#1189798)\n- CVE-2021-39153: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n- CVE-2021-39154: Fixed an issue that allowed an attacker to achieve arbitrary code execution. (bsc#1189798)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2021-3476,SUSE-SLE-Module-Development-Tools-15-SP2-2021-3476,SUSE-SLE-Module-Development-Tools-15-SP3-2021-3476,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2021-3476,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2021-3476",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3476-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2021:3476-1",
        "url": "https://www.suse.com/support/update/announcement/2021/suse-su-20213476-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2021:3476-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2021-October/020532.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1189798",
        "url": "https://bugzilla.suse.com/1189798"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39139 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39139/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39140 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39140/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39141 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39141/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39144 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39144/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39145 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39145/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39146 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39146/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39147 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39147/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39148 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39148/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39149 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39149/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39150 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39150/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39151 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39151/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39152 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39152/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39153 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39153/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39154 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39154/"
      }
    ],
    "title": "Security update for xstream",
    "tracking": {
      "current_release_date": "2021-10-20T06:42:25Z",
      "generator": {
        "date": "2021-10-20T06:42:25Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2021:3476-1",
      "initial_release_date": "2021-10-20T06:42:25Z",
      "revision_history": [
        {
          "date": "2021-10-20T06:42:25Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xstream-1.4.18-3.14.1.noarch",
                "product": {
                  "name": "xstream-1.4.18-3.14.1.noarch",
                  "product_id": "xstream-1.4.18-3.14.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "xstream-benchmark-1.4.18-3.14.1.noarch",
                "product": {
                  "name": "xstream-benchmark-1.4.18-3.14.1.noarch",
                  "product_id": "xstream-benchmark-1.4.18-3.14.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "xstream-javadoc-1.4.18-3.14.1.noarch",
                "product": {
                  "name": "xstream-javadoc-1.4.18-3.14.1.noarch",
                  "product_id": "xstream-javadoc-1.4.18-3.14.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "xstream-parent-1.4.18-3.14.1.noarch",
                "product": {
                  "name": "xstream-parent-1.4.18-3.14.1.noarch",
                  "product_id": "xstream-parent-1.4.18-3.14.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Server Module 4.1",
                "product": {
                  "name": "SUSE Manager Server Module 4.1",
                  "product_id": "SUSE Manager Server Module 4.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Server Module 4.2",
                "product": {
                  "name": "SUSE Manager Server Module 4.2",
                  "product_id": "SUSE Manager Server Module 4.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xstream-1.4.18-3.14.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch"
        },
        "product_reference": "xstream-1.4.18-3.14.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xstream-1.4.18-3.14.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch"
        },
        "product_reference": "xstream-1.4.18-3.14.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xstream-1.4.18-3.14.1.noarch as component of SUSE Manager Server Module 4.1",
          "product_id": "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch"
        },
        "product_reference": "xstream-1.4.18-3.14.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server Module 4.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xstream-1.4.18-3.14.1.noarch as component of SUSE Manager Server Module 4.2",
          "product_id": "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        },
        "product_reference": "xstream-1.4.18-3.14.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server Module 4.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-39139",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39139"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the version out of the box with JDK 1.7u21 or below. However, this scenario can be adjusted easily to an external Xalan that works regardless of the version of the Java runtime. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39139",
          "url": "https://www.suse.com/security/cve/CVE-2021-39139"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39139",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39139"
    },
    {
      "cve": "CVE-2021-39140",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39140"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39140",
          "url": "https://www.suse.com/security/cve/CVE-2021-39140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39140",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39140"
    },
    {
      "cve": "CVE-2021-39141",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39141"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39141",
          "url": "https://www.suse.com/security/cve/CVE-2021-39141"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39141",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39141"
    },
    {
      "cve": "CVE-2021-39144",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39144"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39144",
          "url": "https://www.suse.com/security/cve/CVE-2021-39144"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39144",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39144"
    },
    {
      "cve": "CVE-2021-39145",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39145"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39145",
          "url": "https://www.suse.com/security/cve/CVE-2021-39145"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39145",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39145"
    },
    {
      "cve": "CVE-2021-39146",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39146"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39146",
          "url": "https://www.suse.com/security/cve/CVE-2021-39146"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39146",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39146"
    },
    {
      "cve": "CVE-2021-39147",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39147"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39147",
          "url": "https://www.suse.com/security/cve/CVE-2021-39147"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39147",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39147"
    },
    {
      "cve": "CVE-2021-39148",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39148"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39148",
          "url": "https://www.suse.com/security/cve/CVE-2021-39148"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39148",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39148"
    },
    {
      "cve": "CVE-2021-39149",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39149"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39149",
          "url": "https://www.suse.com/security/cve/CVE-2021-39149"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39149",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39149"
    },
    {
      "cve": "CVE-2021-39150",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39150"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime version 14 to 8. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. If you rely on XStream\u0027s default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.18.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39150",
          "url": "https://www.suse.com/security/cve/CVE-2021-39150"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39150",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39150"
    },
    {
      "cve": "CVE-2021-39151",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39151"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39151",
          "url": "https://www.suse.com/security/cve/CVE-2021-39151"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39151",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39151"
    },
    {
      "cve": "CVE-2021-39152",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39152"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime version 14 to 8. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. If you rely on XStream\u0027s default blacklist of the [Security Framework](https://x-stream.github.io/security.html#framework), you will have to use at least version 1.4.18.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39152",
          "url": "https://www.suse.com/security/cve/CVE-2021-39152"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39152",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39152"
    },
    {
      "cve": "CVE-2021-39153",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39153"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box with Java runtime version 14 to 8 or with JavaFX installed. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39153",
          "url": "https://www.suse.com/security/cve/CVE-2021-39153"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39153",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39153"
    },
    {
      "cve": "CVE-2021-39154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream\u0027s security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
          "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39154",
          "url": "https://www.suse.com/security/cve/CVE-2021-39154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1189798 for CVE-2021-39154",
          "url": "https://bugzilla.suse.com/1189798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:xstream-1.4.18-3.14.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.1:xstream-1.4.18-3.14.1.noarch",
            "SUSE Manager Server Module 4.2:xstream-1.4.18-3.14.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-10-20T06:42:25Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39154"
    }
  ]
}

WID-SEC-W-2023-0682

Vulnerability from csaf_certbund - Published: 2021-10-24 22:00 - Updated: 2023-06-27 22:00

Summary

Red Hat Enterprise Linux (xstream): Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff: Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux in der Komponente xstream ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuführen, einen Denial of Service Zustand herzustellen und vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme: - UNIX - Linux

CVE-2021-39139

In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen.

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39141

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39144

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39145

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39146

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39147

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39148

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39149

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39151

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39153

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39154

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39140

In Red Hat Enterprise Linux existiert eine Schwachstelle. Der Fehler besteht in der Komponente xstream aufgrund einer Endlosschleife durch unsichere Deserialisierung von sun.reflect.annotation.AnnotationInvocationHandler. Ein entfernter authentisierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39150

In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream durch eine mögliche Server-Side Request Forgery (SSRF) durch unsichere Deserialisierung von jdk.nashorn.internal.runtime.Source$URLData. Ein entfernter authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Daten von internen Ressourcen anzufordern, die nicht öffentlich zugänglich sind, indem er den verarbeiteten Eingabestrom manipuliert und so vertrauliche Informationen offenlegen kann.

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2021-39152

Affected products

Known affected 4 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:7`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

References

12 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2023:3892	external
https://access.redhat.com/errata/RHSA-2023:1303	external
https://access.redhat.com/errata/RHSA-2021:3956	external
http://linux.oracle.com/errata/ELSA-2021-3956.html	external
https://www.debian.org/security/2021/dsa-5004	external
https://access.redhat.com/errata/RHSA-2021:4767	external
https://access.redhat.com/errata/RHSA-2021:4918	external
https://access.redhat.com/errata/RHSA-2022:0297	external
https://access.redhat.com/errata/RHSA-2022:0296	external
https://access.redhat.com/errata/RHSA-2022:0520	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux in der Komponente xstream ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren, einen Denial of Service Zustand herzustellen und vertrauliche Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0682 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-0682.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0682 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0682"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:3892 vom 2023-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2023:3892"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:1303 vom 2023-03-17",
        "url": "https://access.redhat.com/errata/RHSA-2023:1303"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2021-10-24",
        "url": "https://access.redhat.com/errata/RHSA-2021:3956"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2021-3956 vom 2021-10-25",
        "url": "http://linux.oracle.com/errata/ELSA-2021-3956.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5004 vom 2021-11-11",
        "url": "https://www.debian.org/security/2021/dsa-5004"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:4767 vom 2021-11-23",
        "url": "https://access.redhat.com/errata/RHSA-2021:4767"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:4918 vom 2021-12-02",
        "url": "https://access.redhat.com/errata/RHSA-2021:4918"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0297 vom 2022-01-26",
        "url": "https://access.redhat.com/errata/RHSA-2022:0297"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0296 vom 2022-01-26",
        "url": "https://access.redhat.com/errata/RHSA-2022:0296"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:0520 vom 2022-02-14",
        "url": "https://access.redhat.com/errata/RHSA-2022:0520"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux (xstream): Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-06-27T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:46:52.404+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-0682",
      "initial_release_date": "2021-10-24T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2021-10-24T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2021-10-25T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2021-11-11T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2021-11-23T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-12-02T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-01-26T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-02-14T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-03-19T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-06-27T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "9"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux 7",
                "product": {
                  "name": "Red Hat Enterprise Linux 7",
                  "product_id": "T003303",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-39139",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39139"
    },
    {
      "cve": "CVE-2021-39141",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39141"
    },
    {
      "cve": "CVE-2021-39144",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39144"
    },
    {
      "cve": "CVE-2021-39145",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39145"
    },
    {
      "cve": "CVE-2021-39146",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39146"
    },
    {
      "cve": "CVE-2021-39147",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39147"
    },
    {
      "cve": "CVE-2021-39148",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39148"
    },
    {
      "cve": "CVE-2021-39149",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39149"
    },
    {
      "cve": "CVE-2021-39151",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39151"
    },
    {
      "cve": "CVE-2021-39153",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39153"
    },
    {
      "cve": "CVE-2021-39154",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream aufgrund von mehrfacher unsicherer Deserialisierung von Xalan xsltc.trax.TemplatesImpl, com.sun.xml.internal.ws.client.sei.*, sun.tracing.*, com.sun. jndi.ldap.LdapBindingEnumeration, javax.swing.UIDefaults$ProxyLazyValue, com.sun.jndi.ldap.LdapSearchEnumeration, com.sun.jndi.toolkit.dir.ContextEnumerator und com.sun.corba.*. Ein entfernter authentisierter Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39154"
    },
    {
      "cve": "CVE-2021-39140",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existiert eine Schwachstelle. Der Fehler besteht in der Komponente xstream aufgrund einer Endlosschleife durch unsichere Deserialisierung von sun.reflect.annotation.AnnotationInvocationHandler. Ein entfernter authentisierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39140"
    },
    {
      "cve": "CVE-2021-39150",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream durch eine m\u00f6gliche Server-Side Request Forgery (SSRF) durch unsichere Deserialisierung von jdk.nashorn.internal.runtime.Source$URLData. Ein entfernter authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Daten von internen Ressourcen anzufordern, die nicht \u00f6ffentlich zug\u00e4nglich sind, indem er den verarbeiteten Eingabestrom manipuliert und so vertrauliche Informationen offenlegen kann."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39150"
    },
    {
      "cve": "CVE-2021-39152",
      "notes": [
        {
          "category": "description",
          "text": "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Die Fehler bestehen in der Komponente xstream durch eine m\u00f6gliche Server-Side Request Forgery (SSRF) durch unsichere Deserialisierung von jdk.nashorn.internal.runtime.Source$URLData. Ein entfernter authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Daten von internen Ressourcen anzufordern, die nicht \u00f6ffentlich zug\u00e4nglich sind, indem er den verarbeiteten Eingabestrom manipuliert und so vertrauliche Informationen offenlegen kann."
        }
      ],
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T003303",
          "T004914"
        ]
      },
      "release_date": "2021-10-24T22:00:00.000+00:00",
      "title": "CVE-2021-39152"
    }
  ]
}

WID-SEC-W-2026-0180

Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-01-20 23:00

Summary

Dell Data Protection Advisor: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Data Protection Advisor ist eine Monitoring Lösung. Der Collector ist der lokale Agent.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Dell Data Protection Advisor ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen, Sicherheitsmaßnahmen zu umgehen und nicht näher spezifizierte Angriffe zu starten.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2009-2625

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2010-4252

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2010-5298

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2011-1473

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2011-1945

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2012-0027

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2012-0213

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2012-0881

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2012-6153

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2013-0166

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2013-0169

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2013-4002

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2013-4366

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2013-7285

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-0076

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-0114

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-0195

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-0221

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-0224

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3470

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3488

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3490

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3505

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3506

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3507

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3510

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3529

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3558

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3566

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3567

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3568

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3570

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3571

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3572

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3574

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-3623

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-7839

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-8122

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-8125

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-8176

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-8275

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2014-9527

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-0204

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-0209

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-0286

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-0287

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-0288

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-0289

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-0292

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-0293

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-1788

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-1789

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-1790

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-1791

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-1792

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-2156

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-3158

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-3195

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-4000

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-5241

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2015-5253

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-0703

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-0704

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-0750

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2105

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2106

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2107

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2108

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2109

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2141

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2176

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2177

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2178

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2179

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2180

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2181

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2182

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2183

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-2510

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-3674

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-4606

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-4802

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-5000

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-5419

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-5420

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-5421

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-6302

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-6303

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-6304

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-6345

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-6346

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-6347

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-6348

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-6812

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-7056

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-7141

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-7167

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8610

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8615

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8616

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8617

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8618

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8619

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8620

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8621

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8622

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8623

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8624

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8625

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-8739

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-9586

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-9594

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-9840

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-9841

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-9842

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-9843

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-9878

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-9952

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2016-9953

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-1000100

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-1000101

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-1000207

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-1000208

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-1000254

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-1000257

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-1000487

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-12626

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-15089

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-15095

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-17485

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-2629

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-2638

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-3156

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-3735

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-3737

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-5644

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-5662

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-5929

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-7525

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-7957

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-8816

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-8817

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2017-9502

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-1000007

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-1000120

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-1000121

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-1000122

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-1000301

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-1000632

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-1002200

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-10237

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-11307

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-11771

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-12022

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-1275

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-14371

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-14618

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-14718

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-14719

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-14720

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-14721

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-16839

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-16842

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-16890

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-19360

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-19361

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-19362

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-25032

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-8013

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2018-8039

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-10086

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-10158

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-10173

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-10174

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-10219

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-12086

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-12384

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-12406

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-12415

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-12419

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-12423

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-12814

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-14379

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-14439

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-14540

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-14892

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-14893

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-1559

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-16168

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-16335

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-16942

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-16943

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-17091

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-17267

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-17531

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-17566

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-17573

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-19645

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-19646

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-20330

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-3822

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-3823

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-5427

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-5436

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-5443

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2019-5482

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-10650

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-10673

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-10969

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-11655

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-11656

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-11979

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-11987

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-13434

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-13435

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-13630

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-13631

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-13632

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-13954

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-14297

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-15250

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-15358

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-1945

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-1954

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-1968

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-24025

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-24616

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-24750

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-25711

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-26217

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-26258

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-26259

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-28499

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-35490

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-35491

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-35728

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36179

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36180

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36181

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36182

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36183

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36184

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36185

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36186

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36187

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36188

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-36189

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-6950

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-8177

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-8231

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-8284

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-8285

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-8286

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-8840

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-9546

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-9547

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2020-9548

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-20190

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-20250

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21341

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21342

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21343

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21344

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21345

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21346

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21347

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21348

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21349

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21350

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21351

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21363

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-21364

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22570

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22876

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22898

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22922

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22923

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22924

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22925

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22926

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22946

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-22947

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-23839

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-23840

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-23841

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-23926

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-27568

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-29425

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-29505

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-33813

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-35515

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-35516

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-35517

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-36090

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-36373

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-3712

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39139

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39140

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39141

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39144

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39145

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39146

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39147

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39148

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39149

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39150

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39151

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39152

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39153

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-39154

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-4044

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-42550

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2021-43859

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-0084

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-0778

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-22576

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-25758

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-25883

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-25927

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-26336

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-27774

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-27776

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-27781

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-27782

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-32206

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-32208

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-32221

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-33987

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-3509

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-3510

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-35252

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-35737

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-37434

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-38778

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-38900

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-40151

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-41704

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-41940

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-41966

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-4244

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-4245

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-42890

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-43552

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-44729

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-44730

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2022-45688

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-0842

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-1370

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-20860

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-26136

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-26159

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-27533

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-27534

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-27535

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-27536

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-27538

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-28319

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-28320

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-28321

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-28322

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-31125

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-32697

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-35116

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-37460

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-38546

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-44270

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-45133

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-45853

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-46218

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2023-7104

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2024-22243

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2024-51127

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2024-7264

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2025-31257

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2025-53057

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2025-53066

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2025-61748

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

CVE-2025-61755

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Dell Data Protection Advisor <19.12 SP2 Dell / Data Protection Advisor		<19.12 SP2

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.dell.com/support/kbdoc/000417034	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Data Protection Advisor ist eine Monitoring L\u00f6sung. Der Collector ist der lokale Agent.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Dell Data Protection Advisor ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen, Sicherheitsma\u00dfnahmen zu umgehen und nicht n\u00e4her spezifizierte Angriffe zu starten.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0180 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0180.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0180 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0180"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-031 vom 2026-01-20",
        "url": "https://www.dell.com/support/kbdoc/000417034"
      }
    ],
    "source_lang": "en-US",
    "title": "Dell Data Protection Advisor: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-01-20T23:00:00.000+00:00",
      "generator": {
        "date": "2026-01-21T11:19:18.076+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0180",
      "initial_release_date": "2026-01-20T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-01-20T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c19.12 SP2",
                "product": {
                  "name": "Dell Data Protection Advisor \u003c19.12 SP2",
                  "product_id": "T050241"
                }
              },
              {
                "category": "product_version",
                "name": "19.12 SP2",
                "product": {
                  "name": "Dell Data Protection Advisor 19.12 SP2",
                  "product_id": "T050241-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:data_protection_advisor:19.12_sp2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Data Protection Advisor"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2009-2625",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2009-2625"
    },
    {
      "cve": "CVE-2010-4252",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2010-4252"
    },
    {
      "cve": "CVE-2010-5298",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2010-5298"
    },
    {
      "cve": "CVE-2011-1473",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2011-1473"
    },
    {
      "cve": "CVE-2011-1945",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2011-1945"
    },
    {
      "cve": "CVE-2012-0027",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2012-0027"
    },
    {
      "cve": "CVE-2012-0213",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2012-0213"
    },
    {
      "cve": "CVE-2012-0881",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2012-0881"
    },
    {
      "cve": "CVE-2012-6153",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2012-6153"
    },
    {
      "cve": "CVE-2013-0166",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2013-0166"
    },
    {
      "cve": "CVE-2013-0169",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2013-0169"
    },
    {
      "cve": "CVE-2013-4002",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2013-4002"
    },
    {
      "cve": "CVE-2013-4366",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2013-4366"
    },
    {
      "cve": "CVE-2013-7285",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2013-7285"
    },
    {
      "cve": "CVE-2014-0076",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-0076"
    },
    {
      "cve": "CVE-2014-0114",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-0114"
    },
    {
      "cve": "CVE-2014-0195",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-0195"
    },
    {
      "cve": "CVE-2014-0221",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-0221"
    },
    {
      "cve": "CVE-2014-0224",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-0224"
    },
    {
      "cve": "CVE-2014-3470",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3470"
    },
    {
      "cve": "CVE-2014-3488",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3488"
    },
    {
      "cve": "CVE-2014-3490",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3490"
    },
    {
      "cve": "CVE-2014-3505",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3505"
    },
    {
      "cve": "CVE-2014-3506",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3506"
    },
    {
      "cve": "CVE-2014-3507",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3507"
    },
    {
      "cve": "CVE-2014-3510",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3510"
    },
    {
      "cve": "CVE-2014-3529",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3529"
    },
    {
      "cve": "CVE-2014-3558",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3558"
    },
    {
      "cve": "CVE-2014-3566",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3566"
    },
    {
      "cve": "CVE-2014-3567",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3567"
    },
    {
      "cve": "CVE-2014-3568",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3568"
    },
    {
      "cve": "CVE-2014-3570",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3570"
    },
    {
      "cve": "CVE-2014-3571",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3571"
    },
    {
      "cve": "CVE-2014-3572",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3572"
    },
    {
      "cve": "CVE-2014-3574",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3574"
    },
    {
      "cve": "CVE-2014-3623",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-3623"
    },
    {
      "cve": "CVE-2014-7839",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-7839"
    },
    {
      "cve": "CVE-2014-8122",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-8122"
    },
    {
      "cve": "CVE-2014-8125",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-8125"
    },
    {
      "cve": "CVE-2014-8176",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-8176"
    },
    {
      "cve": "CVE-2014-8275",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-8275"
    },
    {
      "cve": "CVE-2014-9527",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2014-9527"
    },
    {
      "cve": "CVE-2015-0204",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-0204"
    },
    {
      "cve": "CVE-2015-0209",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-0209"
    },
    {
      "cve": "CVE-2015-0286",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-0286"
    },
    {
      "cve": "CVE-2015-0287",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-0287"
    },
    {
      "cve": "CVE-2015-0288",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-0288"
    },
    {
      "cve": "CVE-2015-0289",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-0289"
    },
    {
      "cve": "CVE-2015-0292",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-0292"
    },
    {
      "cve": "CVE-2015-0293",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-0293"
    },
    {
      "cve": "CVE-2015-1788",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-1788"
    },
    {
      "cve": "CVE-2015-1789",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-1789"
    },
    {
      "cve": "CVE-2015-1790",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-1790"
    },
    {
      "cve": "CVE-2015-1791",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-1791"
    },
    {
      "cve": "CVE-2015-1792",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-1792"
    },
    {
      "cve": "CVE-2015-2156",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-2156"
    },
    {
      "cve": "CVE-2015-3158",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-3158"
    },
    {
      "cve": "CVE-2015-3195",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-3195"
    },
    {
      "cve": "CVE-2015-4000",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-4000"
    },
    {
      "cve": "CVE-2015-5241",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-5241"
    },
    {
      "cve": "CVE-2015-5253",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2015-5253"
    },
    {
      "cve": "CVE-2016-0703",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-0703"
    },
    {
      "cve": "CVE-2016-0704",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-0704"
    },
    {
      "cve": "CVE-2016-0750",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-0750"
    },
    {
      "cve": "CVE-2016-2105",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2105"
    },
    {
      "cve": "CVE-2016-2106",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2106"
    },
    {
      "cve": "CVE-2016-2107",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2107"
    },
    {
      "cve": "CVE-2016-2108",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2108"
    },
    {
      "cve": "CVE-2016-2109",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2109"
    },
    {
      "cve": "CVE-2016-2141",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2141"
    },
    {
      "cve": "CVE-2016-2176",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2176"
    },
    {
      "cve": "CVE-2016-2177",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2177"
    },
    {
      "cve": "CVE-2016-2178",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2178"
    },
    {
      "cve": "CVE-2016-2179",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2179"
    },
    {
      "cve": "CVE-2016-2180",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2180"
    },
    {
      "cve": "CVE-2016-2181",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2181"
    },
    {
      "cve": "CVE-2016-2182",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2182"
    },
    {
      "cve": "CVE-2016-2183",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2183"
    },
    {
      "cve": "CVE-2016-2510",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-2510"
    },
    {
      "cve": "CVE-2016-3674",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-3674"
    },
    {
      "cve": "CVE-2016-4606",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-4606"
    },
    {
      "cve": "CVE-2016-4802",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-4802"
    },
    {
      "cve": "CVE-2016-5000",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-5000"
    },
    {
      "cve": "CVE-2016-5419",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-5419"
    },
    {
      "cve": "CVE-2016-5420",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-5420"
    },
    {
      "cve": "CVE-2016-5421",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-5421"
    },
    {
      "cve": "CVE-2016-6302",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-6302"
    },
    {
      "cve": "CVE-2016-6303",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-6303"
    },
    {
      "cve": "CVE-2016-6304",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-6304"
    },
    {
      "cve": "CVE-2016-6345",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-6345"
    },
    {
      "cve": "CVE-2016-6346",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-6346"
    },
    {
      "cve": "CVE-2016-6347",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-6347"
    },
    {
      "cve": "CVE-2016-6348",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-6348"
    },
    {
      "cve": "CVE-2016-6812",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-6812"
    },
    {
      "cve": "CVE-2016-7056",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-7056"
    },
    {
      "cve": "CVE-2016-7141",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-7141"
    },
    {
      "cve": "CVE-2016-7167",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-7167"
    },
    {
      "cve": "CVE-2016-8610",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8610"
    },
    {
      "cve": "CVE-2016-8615",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8615"
    },
    {
      "cve": "CVE-2016-8616",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8616"
    },
    {
      "cve": "CVE-2016-8617",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8617"
    },
    {
      "cve": "CVE-2016-8618",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8618"
    },
    {
      "cve": "CVE-2016-8619",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8619"
    },
    {
      "cve": "CVE-2016-8620",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8620"
    },
    {
      "cve": "CVE-2016-8621",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8621"
    },
    {
      "cve": "CVE-2016-8622",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8622"
    },
    {
      "cve": "CVE-2016-8623",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8623"
    },
    {
      "cve": "CVE-2016-8624",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8624"
    },
    {
      "cve": "CVE-2016-8625",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8625"
    },
    {
      "cve": "CVE-2016-8739",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-8739"
    },
    {
      "cve": "CVE-2016-9586",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-9586"
    },
    {
      "cve": "CVE-2016-9594",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-9594"
    },
    {
      "cve": "CVE-2016-9840",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-9840"
    },
    {
      "cve": "CVE-2016-9841",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-9841"
    },
    {
      "cve": "CVE-2016-9842",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-9842"
    },
    {
      "cve": "CVE-2016-9843",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-9843"
    },
    {
      "cve": "CVE-2016-9878",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-9878"
    },
    {
      "cve": "CVE-2016-9952",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-9952"
    },
    {
      "cve": "CVE-2016-9953",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2016-9953"
    },
    {
      "cve": "CVE-2017-1000100",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-1000100"
    },
    {
      "cve": "CVE-2017-1000101",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-1000101"
    },
    {
      "cve": "CVE-2017-1000207",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-1000207"
    },
    {
      "cve": "CVE-2017-1000208",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-1000208"
    },
    {
      "cve": "CVE-2017-1000254",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-1000254"
    },
    {
      "cve": "CVE-2017-1000257",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-1000257"
    },
    {
      "cve": "CVE-2017-1000487",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-1000487"
    },
    {
      "cve": "CVE-2017-12626",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-12626"
    },
    {
      "cve": "CVE-2017-15089",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-15089"
    },
    {
      "cve": "CVE-2017-15095",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-15095"
    },
    {
      "cve": "CVE-2017-17485",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-17485"
    },
    {
      "cve": "CVE-2017-2629",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-2629"
    },
    {
      "cve": "CVE-2017-2638",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-2638"
    },
    {
      "cve": "CVE-2017-3156",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-3156"
    },
    {
      "cve": "CVE-2017-3735",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-3735"
    },
    {
      "cve": "CVE-2017-3737",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-3737"
    },
    {
      "cve": "CVE-2017-5644",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-5644"
    },
    {
      "cve": "CVE-2017-5662",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-5662"
    },
    {
      "cve": "CVE-2017-5929",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-5929"
    },
    {
      "cve": "CVE-2017-7525",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-7525"
    },
    {
      "cve": "CVE-2017-7957",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-7957"
    },
    {
      "cve": "CVE-2017-8816",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-8816"
    },
    {
      "cve": "CVE-2017-8817",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-8817"
    },
    {
      "cve": "CVE-2017-9502",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2017-9502"
    },
    {
      "cve": "CVE-2018-1000007",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-1000007"
    },
    {
      "cve": "CVE-2018-1000120",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-1000120"
    },
    {
      "cve": "CVE-2018-1000121",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-1000121"
    },
    {
      "cve": "CVE-2018-1000122",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-1000122"
    },
    {
      "cve": "CVE-2018-1000301",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-1000301"
    },
    {
      "cve": "CVE-2018-1000632",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-1000632"
    },
    {
      "cve": "CVE-2018-1002200",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-1002200"
    },
    {
      "cve": "CVE-2018-10237",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-10237"
    },
    {
      "cve": "CVE-2018-11307",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-11307"
    },
    {
      "cve": "CVE-2018-11771",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-11771"
    },
    {
      "cve": "CVE-2018-12022",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-12022"
    },
    {
      "cve": "CVE-2018-1275",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-1275"
    },
    {
      "cve": "CVE-2018-14371",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-14371"
    },
    {
      "cve": "CVE-2018-14618",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-14618"
    },
    {
      "cve": "CVE-2018-14718",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-14718"
    },
    {
      "cve": "CVE-2018-14719",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-14719"
    },
    {
      "cve": "CVE-2018-14720",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-14720"
    },
    {
      "cve": "CVE-2018-14721",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-14721"
    },
    {
      "cve": "CVE-2018-16839",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-16839"
    },
    {
      "cve": "CVE-2018-16842",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-16842"
    },
    {
      "cve": "CVE-2018-16890",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-16890"
    },
    {
      "cve": "CVE-2018-19360",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-19360"
    },
    {
      "cve": "CVE-2018-19361",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-19361"
    },
    {
      "cve": "CVE-2018-19362",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-19362"
    },
    {
      "cve": "CVE-2018-25032",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-25032"
    },
    {
      "cve": "CVE-2018-8013",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-8013"
    },
    {
      "cve": "CVE-2018-8039",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2018-8039"
    },
    {
      "cve": "CVE-2019-10086",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-10086"
    },
    {
      "cve": "CVE-2019-10158",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-10158"
    },
    {
      "cve": "CVE-2019-10173",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-10173"
    },
    {
      "cve": "CVE-2019-10174",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-10174"
    },
    {
      "cve": "CVE-2019-10219",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-10219"
    },
    {
      "cve": "CVE-2019-12086",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-12086"
    },
    {
      "cve": "CVE-2019-12384",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-12384"
    },
    {
      "cve": "CVE-2019-12406",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-12406"
    },
    {
      "cve": "CVE-2019-12415",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-12415"
    },
    {
      "cve": "CVE-2019-12419",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-12419"
    },
    {
      "cve": "CVE-2019-12423",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-12423"
    },
    {
      "cve": "CVE-2019-12814",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-12814"
    },
    {
      "cve": "CVE-2019-14379",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-14379"
    },
    {
      "cve": "CVE-2019-14439",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-14439"
    },
    {
      "cve": "CVE-2019-14540",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-14540"
    },
    {
      "cve": "CVE-2019-14892",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-14892"
    },
    {
      "cve": "CVE-2019-14893",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-14893"
    },
    {
      "cve": "CVE-2019-1559",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-1559"
    },
    {
      "cve": "CVE-2019-16168",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-16168"
    },
    {
      "cve": "CVE-2019-16335",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-16335"
    },
    {
      "cve": "CVE-2019-16942",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-16942"
    },
    {
      "cve": "CVE-2019-16943",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-16943"
    },
    {
      "cve": "CVE-2019-17091",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-17091"
    },
    {
      "cve": "CVE-2019-17267",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-17267"
    },
    {
      "cve": "CVE-2019-17531",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-17531"
    },
    {
      "cve": "CVE-2019-17566",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-17566"
    },
    {
      "cve": "CVE-2019-17573",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-17573"
    },
    {
      "cve": "CVE-2019-19645",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-19645"
    },
    {
      "cve": "CVE-2019-19646",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-19646"
    },
    {
      "cve": "CVE-2019-20330",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-20330"
    },
    {
      "cve": "CVE-2019-3822",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-3822"
    },
    {
      "cve": "CVE-2019-3823",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-3823"
    },
    {
      "cve": "CVE-2019-5427",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-5427"
    },
    {
      "cve": "CVE-2019-5436",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-5436"
    },
    {
      "cve": "CVE-2019-5443",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-5443"
    },
    {
      "cve": "CVE-2019-5482",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2019-5482"
    },
    {
      "cve": "CVE-2020-10650",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-10650"
    },
    {
      "cve": "CVE-2020-10673",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-10673"
    },
    {
      "cve": "CVE-2020-10969",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-10969"
    },
    {
      "cve": "CVE-2020-11655",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-11655"
    },
    {
      "cve": "CVE-2020-11656",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-11656"
    },
    {
      "cve": "CVE-2020-11979",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-11979"
    },
    {
      "cve": "CVE-2020-11987",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-11987"
    },
    {
      "cve": "CVE-2020-13434",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-13434"
    },
    {
      "cve": "CVE-2020-13435",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-13435"
    },
    {
      "cve": "CVE-2020-13630",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-13630"
    },
    {
      "cve": "CVE-2020-13631",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-13631"
    },
    {
      "cve": "CVE-2020-13632",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-13632"
    },
    {
      "cve": "CVE-2020-13954",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-13954"
    },
    {
      "cve": "CVE-2020-14297",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-14297"
    },
    {
      "cve": "CVE-2020-15250",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-15250"
    },
    {
      "cve": "CVE-2020-15358",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-15358"
    },
    {
      "cve": "CVE-2020-1945",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-1945"
    },
    {
      "cve": "CVE-2020-1954",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-1954"
    },
    {
      "cve": "CVE-2020-1968",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-1968"
    },
    {
      "cve": "CVE-2020-24025",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-24025"
    },
    {
      "cve": "CVE-2020-24616",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-24616"
    },
    {
      "cve": "CVE-2020-24750",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-24750"
    },
    {
      "cve": "CVE-2020-25711",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-25711"
    },
    {
      "cve": "CVE-2020-26217",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-26217"
    },
    {
      "cve": "CVE-2020-26258",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-26258"
    },
    {
      "cve": "CVE-2020-26259",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-26259"
    },
    {
      "cve": "CVE-2020-28499",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-28499"
    },
    {
      "cve": "CVE-2020-35490",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-35490"
    },
    {
      "cve": "CVE-2020-35491",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-35491"
    },
    {
      "cve": "CVE-2020-35728",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-35728"
    },
    {
      "cve": "CVE-2020-36179",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36179"
    },
    {
      "cve": "CVE-2020-36180",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36180"
    },
    {
      "cve": "CVE-2020-36181",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36181"
    },
    {
      "cve": "CVE-2020-36182",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36182"
    },
    {
      "cve": "CVE-2020-36183",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36183"
    },
    {
      "cve": "CVE-2020-36184",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36184"
    },
    {
      "cve": "CVE-2020-36185",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36185"
    },
    {
      "cve": "CVE-2020-36186",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36186"
    },
    {
      "cve": "CVE-2020-36187",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36187"
    },
    {
      "cve": "CVE-2020-36188",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36188"
    },
    {
      "cve": "CVE-2020-36189",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-36189"
    },
    {
      "cve": "CVE-2020-6950",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-6950"
    },
    {
      "cve": "CVE-2020-8177",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-8177"
    },
    {
      "cve": "CVE-2020-8231",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-8231"
    },
    {
      "cve": "CVE-2020-8284",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-8284"
    },
    {
      "cve": "CVE-2020-8285",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-8285"
    },
    {
      "cve": "CVE-2020-8286",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-8286"
    },
    {
      "cve": "CVE-2020-8840",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-8840"
    },
    {
      "cve": "CVE-2020-9546",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-9546"
    },
    {
      "cve": "CVE-2020-9547",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-9547"
    },
    {
      "cve": "CVE-2020-9548",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2020-9548"
    },
    {
      "cve": "CVE-2021-20190",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-20190"
    },
    {
      "cve": "CVE-2021-20250",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-20250"
    },
    {
      "cve": "CVE-2021-21341",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21341"
    },
    {
      "cve": "CVE-2021-21342",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21342"
    },
    {
      "cve": "CVE-2021-21343",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21343"
    },
    {
      "cve": "CVE-2021-21344",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21344"
    },
    {
      "cve": "CVE-2021-21345",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21345"
    },
    {
      "cve": "CVE-2021-21346",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21346"
    },
    {
      "cve": "CVE-2021-21347",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21347"
    },
    {
      "cve": "CVE-2021-21348",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21348"
    },
    {
      "cve": "CVE-2021-21349",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21349"
    },
    {
      "cve": "CVE-2021-21350",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21350"
    },
    {
      "cve": "CVE-2021-21351",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21351"
    },
    {
      "cve": "CVE-2021-21363",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21363"
    },
    {
      "cve": "CVE-2021-21364",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-21364"
    },
    {
      "cve": "CVE-2021-22570",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22570"
    },
    {
      "cve": "CVE-2021-22876",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22876"
    },
    {
      "cve": "CVE-2021-22898",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22898"
    },
    {
      "cve": "CVE-2021-22922",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22922"
    },
    {
      "cve": "CVE-2021-22923",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22923"
    },
    {
      "cve": "CVE-2021-22924",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22924"
    },
    {
      "cve": "CVE-2021-22925",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22925"
    },
    {
      "cve": "CVE-2021-22926",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22926"
    },
    {
      "cve": "CVE-2021-22946",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22946"
    },
    {
      "cve": "CVE-2021-22947",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-22947"
    },
    {
      "cve": "CVE-2021-23839",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-23839"
    },
    {
      "cve": "CVE-2021-23840",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-23840"
    },
    {
      "cve": "CVE-2021-23841",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-23841"
    },
    {
      "cve": "CVE-2021-23926",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-23926"
    },
    {
      "cve": "CVE-2021-27568",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-27568"
    },
    {
      "cve": "CVE-2021-29425",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-29425"
    },
    {
      "cve": "CVE-2021-29505",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-29505"
    },
    {
      "cve": "CVE-2021-33813",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-33813"
    },
    {
      "cve": "CVE-2021-35515",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-35515"
    },
    {
      "cve": "CVE-2021-35516",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-35516"
    },
    {
      "cve": "CVE-2021-35517",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-35517"
    },
    {
      "cve": "CVE-2021-36090",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-36090"
    },
    {
      "cve": "CVE-2021-36373",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-36373"
    },
    {
      "cve": "CVE-2021-3712",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-3712"
    },
    {
      "cve": "CVE-2021-39139",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39139"
    },
    {
      "cve": "CVE-2021-39140",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39140"
    },
    {
      "cve": "CVE-2021-39141",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39141"
    },
    {
      "cve": "CVE-2021-39144",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39144"
    },
    {
      "cve": "CVE-2021-39145",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39145"
    },
    {
      "cve": "CVE-2021-39146",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39146"
    },
    {
      "cve": "CVE-2021-39147",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39147"
    },
    {
      "cve": "CVE-2021-39148",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39148"
    },
    {
      "cve": "CVE-2021-39149",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39149"
    },
    {
      "cve": "CVE-2021-39150",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39150"
    },
    {
      "cve": "CVE-2021-39151",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39151"
    },
    {
      "cve": "CVE-2021-39152",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39152"
    },
    {
      "cve": "CVE-2021-39153",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39153"
    },
    {
      "cve": "CVE-2021-39154",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-39154"
    },
    {
      "cve": "CVE-2021-4044",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-4044"
    },
    {
      "cve": "CVE-2021-42550",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-42550"
    },
    {
      "cve": "CVE-2021-43859",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2021-43859"
    },
    {
      "cve": "CVE-2022-0084",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-0084"
    },
    {
      "cve": "CVE-2022-0778",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-0778"
    },
    {
      "cve": "CVE-2022-22576",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-22576"
    },
    {
      "cve": "CVE-2022-25758",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-25758"
    },
    {
      "cve": "CVE-2022-25883",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-25883"
    },
    {
      "cve": "CVE-2022-25927",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-25927"
    },
    {
      "cve": "CVE-2022-26336",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-26336"
    },
    {
      "cve": "CVE-2022-27774",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-27774"
    },
    {
      "cve": "CVE-2022-27776",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-27776"
    },
    {
      "cve": "CVE-2022-27781",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-27781"
    },
    {
      "cve": "CVE-2022-27782",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-27782"
    },
    {
      "cve": "CVE-2022-32206",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-32206"
    },
    {
      "cve": "CVE-2022-32208",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-32208"
    },
    {
      "cve": "CVE-2022-32221",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-32221"
    },
    {
      "cve": "CVE-2022-33987",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-33987"
    },
    {
      "cve": "CVE-2022-3509",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-3509"
    },
    {
      "cve": "CVE-2022-3510",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-3510"
    },
    {
      "cve": "CVE-2022-35252",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-35252"
    },
    {
      "cve": "CVE-2022-35737",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-35737"
    },
    {
      "cve": "CVE-2022-37434",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-37434"
    },
    {
      "cve": "CVE-2022-38778",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-38778"
    },
    {
      "cve": "CVE-2022-38900",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-38900"
    },
    {
      "cve": "CVE-2022-40151",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-40151"
    },
    {
      "cve": "CVE-2022-41704",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-41704"
    },
    {
      "cve": "CVE-2022-41940",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-41940"
    },
    {
      "cve": "CVE-2022-41966",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-41966"
    },
    {
      "cve": "CVE-2022-4244",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-4244"
    },
    {
      "cve": "CVE-2022-4245",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-4245"
    },
    {
      "cve": "CVE-2022-42890",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-42890"
    },
    {
      "cve": "CVE-2022-43552",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-43552"
    },
    {
      "cve": "CVE-2022-44729",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-44729"
    },
    {
      "cve": "CVE-2022-44730",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-44730"
    },
    {
      "cve": "CVE-2022-45688",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2022-45688"
    },
    {
      "cve": "CVE-2023-0842",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-0842"
    },
    {
      "cve": "CVE-2023-1370",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-1370"
    },
    {
      "cve": "CVE-2023-20860",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-20860"
    },
    {
      "cve": "CVE-2023-26136",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-26136"
    },
    {
      "cve": "CVE-2023-26159",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-26159"
    },
    {
      "cve": "CVE-2023-27533",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-27533"
    },
    {
      "cve": "CVE-2023-27534",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-27534"
    },
    {
      "cve": "CVE-2023-27535",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-27535"
    },
    {
      "cve": "CVE-2023-27536",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-27536"
    },
    {
      "cve": "CVE-2023-27538",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-27538"
    },
    {
      "cve": "CVE-2023-28319",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-28319"
    },
    {
      "cve": "CVE-2023-28320",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-28320"
    },
    {
      "cve": "CVE-2023-28321",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-28321"
    },
    {
      "cve": "CVE-2023-28322",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-28322"
    },
    {
      "cve": "CVE-2023-31125",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-31125"
    },
    {
      "cve": "CVE-2023-32697",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-32697"
    },
    {
      "cve": "CVE-2023-35116",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-35116"
    },
    {
      "cve": "CVE-2023-37460",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-37460"
    },
    {
      "cve": "CVE-2023-38546",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-38546"
    },
    {
      "cve": "CVE-2023-44270",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-44270"
    },
    {
      "cve": "CVE-2023-45133",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-45133"
    },
    {
      "cve": "CVE-2023-45853",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-45853"
    },
    {
      "cve": "CVE-2023-46218",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-46218"
    },
    {
      "cve": "CVE-2023-7104",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2023-7104"
    },
    {
      "cve": "CVE-2024-22243",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2024-22243"
    },
    {
      "cve": "CVE-2024-51127",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2024-51127"
    },
    {
      "cve": "CVE-2024-7264",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2024-7264"
    },
    {
      "cve": "CVE-2025-31257",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2025-31257"
    },
    {
      "cve": "CVE-2025-53057",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2025-53057"
    },
    {
      "cve": "CVE-2025-53066",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2025-53066"
    },
    {
      "cve": "CVE-2025-61748",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2025-61748"
    },
    {
      "cve": "CVE-2025-61755",
      "product_status": {
        "known_affected": [
          "T050241"
        ]
      },
      "release_date": "2026-01-20T23:00:00.000+00:00",
      "title": "CVE-2025-61755"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-39141 (GCVE-0-2021-39141)

SUSE-SU-2021:3476-1

WID-SEC-W-2023-0682

WID-SEC-W-2026-0180

Tags

Sightings

Nomenclature