Vulnerability-Lookup

CVE-2024-22201 (GCVE-0-2024-22201)

Vulnerability from cvelistv5 – Published: 2024-02-26 16:13 – Updated: 2025-02-13 17:33

Title

Jetty connection leaking on idle timeout when TCP congested

Summary

Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

GitHub_M

References

5 references

URL	Tags
https://github.com/jetty/jetty.project/security/a…	x_refsource_CONFIRM
https://github.com/jetty/jetty.project/issues/11256	x_refsource_MISC
https://security.netapp.com/advisory/ntap-2024032…
https://lists.debian.org/debian-lts-announce/2024…
http://www.openwall.com/lists/oss-security/2024/03/20/2

Impacted products

2 products

Vendor	Product	Version
jetty	jetty.project	Affected: >= 9.3.0, <= 9.4.53 Affected: >= 10.0.0, <= 10.0.19 Affected: >= 11.0.0, <= 11.0.19 Affected: >= 12.0.0, <= 12.0.5
jetty	jetty.project	Affected: 9.3.0 , ≤ 9.4.53 (custom) Affected: 10.0.0 , ≤ 10.0.19 (custom) Affected: 11.0.0 , ≤ 11.0.19 (custom) Affected: 12.0.0 , ≤ 12.0.5 (custom) cpe:2.3:a:jetty:jetty.project::::::::

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:35:34.848Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
          },
          {
            "name": "https://github.com/jetty/jetty.project/issues/11256",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/jetty/jetty.project/issues/11256"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240329-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/20/2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:jetty:jetty.project:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jetty.project",
            "vendor": "jetty",
            "versions": [
              {
                "lessThanOrEqual": "9.4.53",
                "status": "affected",
                "version": "9.3.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "10.0.19",
                "status": "affected",
                "version": "10.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "11.0.19",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "12.0.5",
                "status": "affected",
                "version": "12.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22201",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-01T18:49:17.679314Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-28T14:21:40.015Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "jetty.project",
          "vendor": "jetty",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 9.3.0, \u003c= 9.4.53"
            },
            {
              "status": "affected",
              "version": "\u003e= 10.0.0, \u003c= 10.0.19"
            },
            {
              "status": "affected",
              "version": "\u003e= 11.0.0, \u003c= 11.0.19"
            },
            {
              "status": "affected",
              "version": "\u003e= 12.0.0, \u003c= 12.0.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T18:08:05.942Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
        },
        {
          "name": "https://github.com/jetty/jetty.project/issues/11256",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/jetty/jetty.project/issues/11256"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240329-0001/"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/03/20/2"
        }
      ],
      "source": {
        "advisory": "GHSA-rggv-cv7r-mw98",
        "discovery": "UNKNOWN"
      },
      "title": "Jetty connection leaking on idle timeout when TCP congested"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-22201",
    "datePublished": "2024-02-26T16:13:33.848Z",
    "dateReserved": "2024-01-08T04:59:27.371Z",
    "dateUpdated": "2025-02-13T17:33:34.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-22201",
      "date": "2026-06-03",
      "epss": "0.00559",
      "percentile": "0.68585"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Jetty es un servidor web y motor de servlet basado en Java. Una conexi\\u00f3n SSL HTTP/2 que est\\u00e9 establecida y TCP congestionada se filtrar\\u00e1 cuando expire el tiempo de espera. Un atacante puede provocar que muchas conexiones terminen en este estado y que el servidor se quede sin descriptores de archivos, lo que eventualmente provocar\\u00e1 que el servidor deje de aceptar nuevas conexiones de clientes v\\u00e1lidos. La vulnerabilidad est\\u00e1 parcheada en 9.4.54, 10.0.20, 11.0.20 y 12.0.6.\"}]",
      "id": "CVE-2024-22201",
      "lastModified": "2024-11-21T08:55:47.193",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
      "published": "2024-02-26T16:27:56.343",
      "references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/20/2\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/jetty/jetty.project/issues/11256\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240329-0001/\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/20/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/jetty/jetty.project/issues/11256\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240329-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-22201\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-02-26T16:27:56.343\",\"lastModified\":\"2025-02-13T18:16:46.810\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.\"},{\"lang\":\"es\",\"value\":\"Jetty es un servidor web y motor de servlet basado en Java. Una conexi\u00f3n SSL HTTP/2 que est\u00e9 establecida y TCP congestionada se filtrar\u00e1 cuando expire el tiempo de espera. Un atacante puede provocar que muchas conexiones terminen en este estado y que el servidor se quede sin descriptores de archivos, lo que eventualmente provocar\u00e1 que el servidor deje de aceptar nuevas conexiones de clientes v\u00e1lidos. La vulnerabilidad est\u00e1 parcheada en 9.4.54, 10.0.20, 11.0.20 y 12.0.6.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.3.0\",\"versionEndExcluding\":\"9.4.54\",\"matchCriteriaId\":\"81569DC0-AF55-4626-9C18-E28CE3C59946\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.20\",\"matchCriteriaId\":\"63104980-9A3B-4B74-8B99-4C89DCEE7190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.20\",\"matchCriteriaId\":\"AB6A0E19-3A46-4FD0-9049-E321B0376F10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.0.6\",\"matchCriteriaId\":\"31EC28A0-676C-42ED-92F0-DC9457CF18C7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*\",\"matchCriteriaId\":\"F3E0B672-3E06-4422-B2A4-0BD073AEC2A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC1AE8BD-EE3F-494C-9F03-D4B2B7233106\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/20/2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jetty/jetty.project/issues/11256\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240329-0001/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/20/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jetty/jetty.project/issues/11256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240329-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98\", \"name\": \"https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/jetty/jetty.project/issues/11256\", \"name\": \"https://github.com/jetty/jetty.project/issues/11256\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240329-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/20/2\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:35:34.848Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-22201\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-01T18:49:17.679314Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:jetty:jetty.project:*:*:*:*:*:*:*:*\"], \"vendor\": \"jetty\", \"product\": \"jetty.project\", \"versions\": [{\"status\": \"affected\", \"version\": \"9.3.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.4.53\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"10.0.19\"}, {\"status\": \"affected\", \"version\": \"11.0.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"11.0.19\"}, {\"status\": \"affected\", \"version\": \"12.0.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"12.0.5\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-28T14:21:13.397Z\"}}], \"cna\": {\"title\": \"Jetty connection leaking on idle timeout when TCP congested\", \"source\": {\"advisory\": \"GHSA-rggv-cv7r-mw98\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"jetty\", \"product\": \"jetty.project\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 9.3.0, \u003c= 9.4.53\"}, {\"status\": \"affected\", \"version\": \"\u003e= 10.0.0, \u003c= 10.0.19\"}, {\"status\": \"affected\", \"version\": \"\u003e= 11.0.0, \u003c= 11.0.19\"}, {\"status\": \"affected\", \"version\": \"\u003e= 12.0.0, \u003c= 12.0.5\"}]}], \"references\": [{\"url\": \"https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98\", \"name\": \"https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/jetty/jetty.project/issues/11256\", \"name\": \"https://github.com/jetty/jetty.project/issues/11256\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240329-0001/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00002.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/20/2\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.\\n\\n\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-02-26T16:13:33.848Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-22201\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-28T14:21:40.015Z\", \"dateReserved\": \"2024-01-08T04:59:27.371Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-02-26T16:13:33.848Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

NCSC-2024-0297

Vulnerability from csaf_ncscnl - Published: 2024-07-17 13:53 - Updated: 2024-07-17 13:53

Summary

Kwetsbaarheden verholpen in Oracle Financial Services Applications

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Er zijn kwetsbaarheden verholpen in Oracle Financial Services Applications.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: * Denial-of-Service (DoS) * Toegang tot gevoelige gegevens * Toegang tot systeemgegevens * Manipulatie van gegevens * (Remote) code execution (Gebruikersrechten)

Oplossingen: Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.

Kans: medium

Schade: high

CWE-1188: Initialization of a Resource with an Insecure Default

CWE-121: Stack-based Buffer Overflow

CWE-20: Improper Input Validation

CWE-306: Missing Authentication for Critical Function

CWE-328: Use of Weak Hash

CWE-400: Uncontrolled Resource Consumption

CWE-404: Improper Resource Shutdown or Release

CWE-416: Use After Free

CWE-426: Untrusted Search Path

CWE-502: Deserialization of Untrusted Data

CWE-532: Insertion of Sensitive Information into Log File

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-787: Out-of-bounds Write

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2022-36944

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 53 products

CVE-2023-6129

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

CWE-328 - Use of Weak Hash

Affected products

Known affected 31 products

CVE-2023-26031

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-426 - Untrusted Search Path

Affected products

Known affected 23 products

CVE-2023-34055

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 55 products

CVE-2023-44483

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-532 - Insertion of Sensitive Information into Log File

Affected products

Known affected 55 products

CVE-2023-47248

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 47 products

CVE-2023-50447

9.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Affected products

Known affected 23 products

CVE-2023-51074

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 31 products

CVE-2023-52425

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 23 products

CVE-2024-2511

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 23 products

CVE-2024-21188

Affected products

Known affected 24 products

CVE-2024-22201

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 31 products

CVE-2024-22262

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 23 products

CVE-2024-23807

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 23 products

CVE-2024-24549

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 31 products

CVE-2024-24816

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 31 products

CVE-2024-25062

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-416 - Use After Free

Affected products

Known affected 31 products

CVE-2024-26308

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 31 products

CVE-2024-29025

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 23 products

CVE-2024-29133

CWE-787 - Out-of-bounds Write

Affected products

Known affected 23 products

CVE-2024-32114

8.5 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H

CWE-306 - Missing Authentication for Critical Function

Affected products

Known affected 23 products

References

44 references

URL	Category
https://nvd.nist.gov/vuln/detail/CVE-2022-36944	external
https://nvd.nist.gov/vuln/detail/CVE-2023-26031	external
https://nvd.nist.gov/vuln/detail/CVE-2023-34055	external
https://nvd.nist.gov/vuln/detail/CVE-2023-44483	external
https://nvd.nist.gov/vuln/detail/CVE-2023-47248	external
https://nvd.nist.gov/vuln/detail/CVE-2023-50447	external
https://nvd.nist.gov/vuln/detail/CVE-2023-51074	external
https://nvd.nist.gov/vuln/detail/CVE-2023-52425	external
https://nvd.nist.gov/vuln/detail/CVE-2023-6129	external
https://nvd.nist.gov/vuln/detail/CVE-2024-21188	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22201	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22262	external
https://nvd.nist.gov/vuln/detail/CVE-2024-23807	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24549	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24816	external
https://nvd.nist.gov/vuln/detail/CVE-2024-25062	external
https://nvd.nist.gov/vuln/detail/CVE-2024-2511	external
https://nvd.nist.gov/vuln/detail/CVE-2024-26308	external
https://nvd.nist.gov/vuln/detail/CVE-2024-29025	external
https://nvd.nist.gov/vuln/detail/CVE-2024-29133	external
https://nvd.nist.gov/vuln/detail/CVE-2024-32114	external
https://www.oracle.com/docs/tech/security-alerts/…	external
https://www.oracle.com/security-alerts/cpujul2024.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Er zijn kwetsbaarheden verholpen in Oracle Financial Services Applications.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* (Remote) code execution (Gebruikersrechten)",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Initialization of a Resource with an Insecure Default",
        "title": "CWE-1188"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Missing Authentication for Critical Function",
        "title": "CWE-306"
      },
      {
        "category": "general",
        "text": "Use of Weak Hash",
        "title": "CWE-328"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Untrusted Search Path",
        "title": "CWE-426"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
        "title": "CWE-77"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36944"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26031"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34055"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44483"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47248"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50447"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51074"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6129"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21188"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22262"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23807"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24816"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25062"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2511"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29133"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32114"
      },
      {
        "category": "external",
        "summary": "Reference - oracle",
        "url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json"
      },
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; ibm; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html"
      }
    ],
    "title": " Kwetsbaarheden verholpen in Oracle Financial Services Applications",
    "tracking": {
      "current_release_date": "2024-07-17T13:53:54.655859Z",
      "id": "NCSC-2024-0297",
      "initial_release_date": "2024-07-17T13:53:54.655859Z",
      "revision_history": [
        {
          "date": "2024-07-17T13:53:54.655859Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9711",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9300",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9522",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-8848",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189066",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189065",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503626",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-189067",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219770",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-816828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-1503630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_cash_flow_engine",
            "product": {
              "name": "financial_services_cash_flow_engine",
              "product_id": "CSAFPID-764273",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-345047",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-816829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-180190",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219773",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219771",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-816830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_lending_and_leasing",
            "product": {
              "name": "financial_services_lending_and_leasing",
              "product_id": "CSAFPID-816831",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611392",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503319",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503318",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816833",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816840",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765266",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344846",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816832",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816834",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765264",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765265",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344845",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816836",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816837",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816838",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912591",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816839",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912592",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816841",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816842",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503637",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503923",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-220374",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-764926",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-36944",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764273",
          "CSAFPID-611392",
          "CSAFPID-611391",
          "CSAFPID-9522",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-344846",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-344845",
          "CSAFPID-816835",
          "CSAFPID-765266",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-8848",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-219772",
          "CSAFPID-219770",
          "CSAFPID-345047",
          "CSAFPID-219774",
          "CSAFPID-180190",
          "CSAFPID-219773",
          "CSAFPID-219771",
          "CSAFPID-220374"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-36944",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36944.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764273",
            "CSAFPID-611392",
            "CSAFPID-611391",
            "CSAFPID-9522",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-344846",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-344845",
            "CSAFPID-816835",
            "CSAFPID-765266",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-8848",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-219772",
            "CSAFPID-219770",
            "CSAFPID-345047",
            "CSAFPID-219774",
            "CSAFPID-180190",
            "CSAFPID-219773",
            "CSAFPID-219771",
            "CSAFPID-220374"
          ]
        }
      ],
      "title": "CVE-2022-36944"
    },
    {
      "cve": "CVE-2023-6129",
      "cwe": {
        "id": "CWE-328",
        "name": "Use of Weak Hash"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Weak Hash",
          "title": "CWE-328"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6129",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6129.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-6129"
    },
    {
      "cve": "CVE-2023-26031",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "Untrusted Search Path",
          "title": "CWE-426"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26031",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-26031"
    },
    {
      "cve": "CVE-2023-34055",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-34055",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34055.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44483",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44483.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2023-47248",
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-1503318",
          "CSAFPID-1503319",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-47248",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-47248.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-1503318",
            "CSAFPID-1503319",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-47248"
    },
    {
      "cve": "CVE-2023-50447",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
          "title": "CWE-77"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-50447",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50447.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-50447"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51074",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51074.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52425",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2024-2511",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2511",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-21188",
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-816842"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21188",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21188.json"
        }
      ],
      "title": "CVE-2024-21188"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22262",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22262",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23807",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23807",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-24816",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-24816"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25062",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29133",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29133",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
        }
      ],
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-32114",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authentication for Critical Function",
          "title": "CWE-306"
        },
        {
          "category": "other",
          "text": "Initialization of a Resource with an Insecure Default",
          "title": "CWE-1188"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-32114",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32114.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2024-32114"
    }
  ]
}

NCSC-2024-0298

Vulnerability from csaf_ncscnl - Published: 2024-07-17 13:54 - Updated: 2024-07-17 13:54

Summary

Kwetsbaarheden verholpen in Oracle Fusion Middleware

Notes

Feiten: Er zijn kwetsbaarheden verholpen in Oracle Fusion Middleware.

Oplossingen: Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.

Kans: medium

Schade: high

CWE-122: Heap-based Buffer Overflow

CWE-145: Improper Neutralization of Section Delimiters

CWE-190: Integer Overflow or Wraparound

CWE-20: Improper Input Validation

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-222: Truncation of Security-relevant Information

CWE-284: Improper Access Control

CWE-299: Improper Check for Certificate Revocation

CWE-306: Missing Authentication for Critical Function

CWE-328: Use of Weak Hash

CWE-377: Insecure Temporary File

CWE-400: Uncontrolled Resource Consumption

CWE-404: Improper Resource Shutdown or Release

CWE-416: Use After Free

CWE-552: Files or Directories Accessible to External Parties

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-787: Out-of-bounds Write

CWE-918: Server-Side Request Forgery (SSRF)

CVE-2020-1945

CWE-377 - Insecure Temporary File

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2020-13956

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2021-29425

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2021-37533

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2022-40152

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2022-45378

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-306 - Missing Authentication for Critical Function

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2023-2976

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-552 - Files or Directories Accessible to External Parties

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—

CVE-2023-4759

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2023-5072

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—

CVE-2023-6129

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

CWE-328 - Use of Weak Hash

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2023-24998

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—

CVE-2023-29081

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2023-34034

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2023-36478

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—

CVE-2023-45853

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2023-46750

6.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2023-48795

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-222 - Truncation of Security-relevant Information

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—

CVE-2023-52425

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-0853

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-299 - Improper Check for Certificate Revocation

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-21133

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-21175

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-21181

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-21182

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-21183

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-22201

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-22243

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-22259

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-22262

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-25062

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-416 - Use After Free

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-26308

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
fusion_middleware_mapviewer oracle	`cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*`	—
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-29025

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

CVE-2024-29857

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
fusion_middleware oracle	`cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:::::::*`	—

References

64 references

URL	Category
https://nvd.nist.gov/vuln/detail/CVE-2020-13956	external
https://nvd.nist.gov/vuln/detail/CVE-2020-1945	external
https://nvd.nist.gov/vuln/detail/CVE-2021-29425	external
https://nvd.nist.gov/vuln/detail/CVE-2022-45378	external
https://nvd.nist.gov/vuln/detail/CVE-2023-24998	external
https://nvd.nist.gov/vuln/detail/CVE-2023-29081	external
https://nvd.nist.gov/vuln/detail/CVE-2023-2976	external
https://nvd.nist.gov/vuln/detail/CVE-2023-34034	external
https://nvd.nist.gov/vuln/detail/CVE-2023-36478	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45853	external
https://nvd.nist.gov/vuln/detail/CVE-2023-46750	external
https://nvd.nist.gov/vuln/detail/CVE-2023-4759	external
https://nvd.nist.gov/vuln/detail/CVE-2023-48795	external
https://nvd.nist.gov/vuln/detail/CVE-2023-5072	external
https://nvd.nist.gov/vuln/detail/CVE-2023-52425	external
https://nvd.nist.gov/vuln/detail/CVE-2023-6129	external
https://nvd.nist.gov/vuln/detail/CVE-2024-0853	external
https://nvd.nist.gov/vuln/detail/CVE-2024-21133	external
https://nvd.nist.gov/vuln/detail/CVE-2024-21175	external
https://nvd.nist.gov/vuln/detail/CVE-2024-21181	external
https://nvd.nist.gov/vuln/detail/CVE-2024-21182	external
https://nvd.nist.gov/vuln/detail/CVE-2024-21183	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22201	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22243	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22259	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22262	external
https://nvd.nist.gov/vuln/detail/CVE-2024-25062	external
https://nvd.nist.gov/vuln/detail/CVE-2024-26308	external
https://nvd.nist.gov/vuln/detail/CVE-2024-29025	external
https://nvd.nist.gov/vuln/detail/CVE-2024-29857	external
https://www.oracle.com/docs/tech/security-alerts/…	external
https://www.oracle.com/security-alerts/cpujul2024.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Er zijn kwetsbaarheden verholpen in Oracle Fusion Middleware.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* (Remote) code execution (Gebruikersrechten)",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Section Delimiters",
        "title": "CWE-145"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Truncation of Security-relevant Information",
        "title": "CWE-222"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Check for Certificate Revocation",
        "title": "CWE-299"
      },
      {
        "category": "general",
        "text": "Missing Authentication for Critical Function",
        "title": "CWE-306"
      },
      {
        "category": "general",
        "text": "Use of Weak Hash",
        "title": "CWE-328"
      },
      {
        "category": "general",
        "text": "Insecure Temporary File",
        "title": "CWE-377"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Files or Directories Accessible to External Parties",
        "title": "CWE-552"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13956"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29425"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45378"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29081"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34034"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36478"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45853"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46750"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4759"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5072"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6129"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21133"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21175"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21181"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21182"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21183"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22243"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22259"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22262"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25062"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857"
      },
      {
        "category": "external",
        "summary": "Reference - oracle",
        "url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json"
      },
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; ibm; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html"
      }
    ],
    "title": " Kwetsbaarheden verholpen in Oracle Fusion Middleware",
    "tracking": {
      "current_release_date": "2024-07-17T13:54:00.411174Z",
      "id": "NCSC-2024-0298",
      "initial_release_date": "2024-07-17T13:54:00.411174Z",
      "revision_history": [
        {
          "date": "2024-07-17T13:54:00.411174Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "fusion_middleware_mapviewer",
            "product": {
              "name": "fusion_middleware_mapviewer",
              "product_id": "CSAFPID-226018",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fusion_middleware",
            "product": {
              "name": "fusion_middleware",
              "product_id": "CSAFPID-271904",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-1945",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insecure Temporary File",
          "title": "CWE-377"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-1945",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1945.json"
        }
      ],
      "title": "CVE-2020-1945"
    },
    {
      "cve": "CVE-2020-13956",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-13956",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13956.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2020-13956"
    },
    {
      "cve": "CVE-2021-29425",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-29425",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-29425.json"
        }
      ],
      "title": "CVE-2021-29425"
    },
    {
      "cve": "CVE-2021-37533",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-37533",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37533.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2021-37533"
    },
    {
      "cve": "CVE-2022-40152",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-40152",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40152.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2022-40152"
    },
    {
      "cve": "CVE-2022-45378",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authentication for Critical Function",
          "title": "CWE-306"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-45378",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45378.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2022-45378"
    },
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "notes": [
        {
          "category": "other",
          "text": "Files or Directories Accessible to External Parties",
          "title": "CWE-552"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904",
          "CSAFPID-226018"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-2976",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904",
            "CSAFPID-226018"
          ]
        }
      ],
      "title": "CVE-2023-2976"
    },
    {
      "cve": "CVE-2023-4759",
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4759",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2023-4759"
    },
    {
      "cve": "CVE-2023-5072",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904",
          "CSAFPID-226018"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5072",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904",
            "CSAFPID-226018"
          ]
        }
      ],
      "title": "CVE-2023-5072"
    },
    {
      "cve": "CVE-2023-6129",
      "cwe": {
        "id": "CWE-328",
        "name": "Use of Weak Hash"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use of Weak Hash",
          "title": "CWE-328"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6129",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6129.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2023-6129"
    },
    {
      "cve": "CVE-2023-24998",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904",
          "CSAFPID-226018"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-24998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
        }
      ],
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-29081",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-29081",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29081.json"
        }
      ],
      "title": "CVE-2023-29081"
    },
    {
      "cve": "CVE-2023-34034",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Section Delimiters",
          "title": "CWE-145"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-34034",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34034.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2023-34034"
    },
    {
      "cve": "CVE-2023-36478",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904",
          "CSAFPID-226018"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-36478",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36478.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904",
            "CSAFPID-226018"
          ]
        }
      ],
      "title": "CVE-2023-36478"
    },
    {
      "cve": "CVE-2023-45853",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-45853",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45853.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2023-45853"
    },
    {
      "cve": "CVE-2023-46750",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46750",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46750.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2023-46750"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Truncation of Security-relevant Information",
          "title": "CWE-222"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904",
          "CSAFPID-226018"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-48795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904",
            "CSAFPID-226018"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52425",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2024-0853",
      "cwe": {
        "id": "CWE-299",
        "name": "Improper Check for Certificate Revocation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Check for Certificate Revocation",
          "title": "CWE-299"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0853",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0853.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-0853"
    },
    {
      "cve": "CVE-2024-21133",
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21133",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21133.json"
        }
      ],
      "title": "CVE-2024-21133"
    },
    {
      "cve": "CVE-2024-21175",
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21175",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21175.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-21175"
    },
    {
      "cve": "CVE-2024-21181",
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21181",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21181.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-21181"
    },
    {
      "cve": "CVE-2024-21182",
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21182",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21182.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-21182"
    },
    {
      "cve": "CVE-2024-21183",
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21183",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21183.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-21183"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22243",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        },
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22243",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22243.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-22243"
    },
    {
      "cve": "CVE-2024-22259",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        },
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22259",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22259.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-22259"
    },
    {
      "cve": "CVE-2024-22262",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22262",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25062",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-226018",
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-226018",
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29857",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-271904"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29857",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-271904"
          ]
        }
      ],
      "title": "CVE-2024-29857"
    }
  ]
}

NCSC-2024-0411

Vulnerability from csaf_ncscnl - Published: 2024-10-17 13:15 - Updated: 2024-10-17 13:15

Summary

Kwetsbaarheden verholpen in Oracle Database producten

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-130: Improper Handling of Length Parameter Inconsistency

CWE-208: Observable Timing Discrepancy

CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-755: Improper Handling of Exceptional Conditions

CWE-834: Excessive Iteration

CWE-407: Inefficient Algorithmic Complexity

CWE-178: Improper Handling of Case Sensitivity

CWE-732: Incorrect Permission Assignment for Critical Resource

CWE-415: Double Free

CWE-311: Missing Encryption of Sensitive Data

CWE-427: Uncontrolled Search Path Element

CWE-172: Encoding Error

CWE-680: Integer Overflow to Buffer Overflow

CWE-426: Untrusted Search Path

CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')

CWE-116: Improper Encoding or Escaping of Output

CWE-345: Insufficient Verification of Data Authenticity

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-203: Observable Discrepancy

CWE-190: Integer Overflow or Wraparound

CWE-552: Files or Directories Accessible to External Parties

CWE-639: Authorization Bypass Through User-Controlled Key

CWE-125: Out-of-bounds Read

CWE-404: Improper Resource Shutdown or Release

CWE-275: CWE-275

CWE-284: Improper Access Control

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-1333: Inefficient Regular Expression Complexity

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-416: Use After Free

CWE-401: Missing Release of Memory after Effective Lifetime

CWE-476: NULL Pointer Dereference

CWE-295: Improper Certificate Validation

CWE-668: Exposure of Resource to Wrong Sphere

CWE-829: Inclusion of Functionality from Untrusted Control Sphere

CWE-327: Use of a Broken or Risky Cryptographic Algorithm

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-502: Deserialization of Untrusted Data

CWE-918: Server-Side Request Forgery (SSRF)

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-787: Out-of-bounds Write

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-122: Heap-based Buffer Overflow

CWE-121: Stack-based Buffer Overflow

CWE-681: Incorrect Conversion between Numeric Types

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-269: Improper Privilege Management

CWE-20: Improper Input Validation

CWE-87: Improper Neutralization of Alternate XSS Syntax

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-18: CWE-18

CWE-385: Covert Timing Channel

CWE-606: Unchecked Input for Loop Condition

CWE-192: Integer Coercion Error

CWE-390: Detection of Error Condition Without Action

CWE-1325: Improperly Controlled Sequential Memory Allocation

CWE-222: Truncation of Security-relevant Information

CWE-131: Incorrect Calculation of Buffer Size

CWE-59: Improper Link Resolution Before File Access ('Link Following')

CWE-304: Missing Critical Step in Authentication

CVE-2022-1471

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 48 products

Product	Identifier	Version
application_express_administration oracle	`cpe:2.3:a:oracle:application_express_administration::::::::`	—
application_express_customers_plugin oracle	`cpe:2.3:a:oracle:application_express_customers_plugin::::::::`	—
application_express_team_calendar_plugin oracle	`cpe:2.3:a:oracle:application_express_team_calendar_plugin::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.0.0.0:::::::*`	—
goldengate_big_data oracle	`cpe:2.3:a:oracle:goldengate_big_data::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:19.5.33:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:20.3.28:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:21.2.55:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:22.3.26:::::::*`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4.3.0.0:::::::*`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer::::::::`	—
oracle_goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:oracle_goldengate_stream_analytics::::::::`	—
oracle_sql_developer oracle	`cpe:2.3:a:oracle:oracle_sql_developer::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—

CVE-2022-34169

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-192 - Integer Coercion Error

Affected products

Known affected 49 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate::::::::`	—
application_express oracle	`cpe:2.3:a:oracle:application_express::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.3:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate:19c:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:19c:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:21c:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—

CVE-2022-36033

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-87 - Improper Neutralization of Alternate XSS Syntax

Affected products

Known affected 61 products

Product	Identifier	Version
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.0.0.0:::::::*`	—
application_express_administration oracle	`cpe:2.3:a:oracle:application_express_administration::::::::`	—
application_express_customers_plugin oracle	`cpe:2.3:a:oracle:application_express_customers_plugin::::::::`	—
application_express_team_calendar_plugin oracle	`cpe:2.3:a:oracle:application_express_team_calendar_plugin::::::::`	—
goldengate_big_data oracle	`cpe:2.3:a:oracle:goldengate_big_data::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:19.5.33:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:20.3.28:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:21.2.55:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:22.3.26:::::::*`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4.3.0.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4:::::::*`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer::::::::`	—
application_express oracle	`cpe:2.3:a:oracle:application_express::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.3:::::::*`	—
oracle_goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:oracle_goldengate_stream_analytics::::::::`	—
oracle_goldengate_studio oracle	`cpe:2.3:a:oracle:oracle_goldengate_studio::::::::`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate:19c:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—

CVE-2022-37454

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 25 products

Product	Identifier	Version
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.0.0.0:::::::*`	—
goldengate_big_data oracle	`cpe:2.3:a:oracle:goldengate_big_data::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
application_express_administration oracle	`cpe:2.3:a:oracle:application_express_administration::::::::`	—
application_express_customers_plugin oracle	`cpe:2.3:a:oracle:application_express_customers_plugin::::::::`	—
application_express_team_calendar_plugin oracle	`cpe:2.3:a:oracle:application_express_team_calendar_plugin::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4.3.0.0:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:19.5.33:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:20.3.28:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:21.2.55:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:22.3.26:::::::*`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4:::::::*`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer::::::::`	—
oracle_secure_backup oracle	`cpe:2.3:a:oracle:oracle_secure_backup::::::::`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate::::::::`	—

CVE-2022-38136

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:21.3-21.15:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:19.3-19.24:::::::*`	—

CVE-2022-40196

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:21.3-21.15:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:19.3-19.24:::::::*`	—

CVE-2022-41342

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:21.3-21.15:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:19.3-19.24:::::::*`	—

CVE-2022-42919

CWE-311 - Missing Encryption of Sensitive Data

Affected products

Known affected 23 products

Product	Identifier	Version
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.0.0.0:::::::*`	—
goldengate_big_data oracle	`cpe:2.3:a:oracle:goldengate_big_data::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
application_express_administration oracle	`cpe:2.3:a:oracle:application_express_administration::::::::`	—
application_express_customers_plugin oracle	`cpe:2.3:a:oracle:application_express_customers_plugin::::::::`	—
application_express_team_calendar_plugin oracle	`cpe:2.3:a:oracle:application_express_team_calendar_plugin::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4.3.0.0:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:19.5.33:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:20.3.28:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:21.2.55:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:22.3.26:::::::*`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4:::::::*`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer::::::::`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2022-45061

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 23 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
application_express_administration oracle	`cpe:2.3:a:oracle:application_express_administration::::::::`	—
application_express_customers_plugin oracle	`cpe:2.3:a:oracle:application_express_customers_plugin::::::::`	—
application_express_team_calendar_plugin oracle	`cpe:2.3:a:oracle:application_express_team_calendar_plugin::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4.3.0.0:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.0.0.0:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:19.5.33:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:20.3.28:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:21.2.55:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:22.3.26:::::::*`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4:::::::*`	—
goldengate_big_data oracle	`cpe:2.3:a:oracle:goldengate_big_data::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:::::::*`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer::::::::`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2022-46337

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 38 products

Product	Identifier	Version
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—

CVE-2023-2976

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-552 - Files or Directories Accessible to External Parties

Affected products

Known affected 48 products

Product	Identifier	Version
oracle_nosql_database oracle	`cpe:2.3:a:oracle:oracle_nosql_database::::::::`	—
oracle_goldengate_studio oracle	`cpe:2.3:a:oracle:oracle_goldengate_studio::::::::`	—
oracle_essbase oracle	`cpe:2.3:a:oracle:oracle_essbase::::::::`	—
oracle_goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:oracle_goldengate_stream_analytics::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:24.3.0:::::::*`	—
goldengate_big_data oracle	`cpe:2.3:a:oracle:goldengate_big_data::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.0.0.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—

CVE-2023-4043

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-834 - Excessive Iteration

Affected products

Known affected 39 products

Product	Identifier	Version
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl:23.4-23.5:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:24.3.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—

CVE-2023-4759

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Affected products

Known affected 15 products

Product	Identifier	Version
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:24.3.0:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2023-4863

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 14 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—

CVE-2023-5072

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 41 products

Product	Identifier	Version
oracle_goldengate oracle	`cpe:2.3:a:oracle:oracle_goldengate::::::::`	—
oracle_goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:oracle_goldengate_stream_analytics::::::::`	—
oracle_goldengate_studio oracle	`cpe:2.3:a:oracle:oracle_goldengate_studio::::::::`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—

CVE-2023-26031

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-426 - Untrusted Search Path

Affected products

Known affected 15 products

Product	Identifier	Version
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2023-26551

0.0 (None)


                        
                          CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2023-26552

5.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2023-26553

5.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2023-26554

5.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2023-26555

6.4 (Medium)


                        
                          CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2023-28484

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CWE-20 - Improper Input Validation

Affected products

Known affected 35 products

Product	Identifier	Version
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
application_express_administration oracle	`cpe:2.3:a:oracle:application_express_administration::::::::`	—
application_express_customers_plugin oracle	`cpe:2.3:a:oracle:application_express_customers_plugin::::::::`	—
application_express_team_calendar_plugin oracle	`cpe:2.3:a:oracle:application_express_team_calendar_plugin::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4.3.0.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:19.5.33:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:20.3.28:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:21.2.55:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:22.3.26:::::::*`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.0.0.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
goldengate_big_data oracle	`cpe:2.3:a:oracle:goldengate_big_data::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—

CVE-2023-29469

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

CWE-20 - Improper Input Validation

Affected products

Known affected 35 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
application_express_administration oracle	`cpe:2.3:a:oracle:application_express_administration::::::::`	—
application_express_customers_plugin oracle	`cpe:2.3:a:oracle:application_express_customers_plugin::::::::`	—
application_express_team_calendar_plugin oracle	`cpe:2.3:a:oracle:application_express_team_calendar_plugin::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.4.3.0.0:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.0.0.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:19.5.33:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:20.3.28:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:21.2.55:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:22.3.26:::::::*`	—
goldengate_big_data oracle	`cpe:2.3:a:oracle:goldengate_big_data::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—

CVE-2023-33201

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 44 products

Product	Identifier	Version
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.0.0.0:::::::*`	—
oracle_nosql_database oracle	`cpe:2.3:a:oracle:oracle_nosql_database::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:24.3.0:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
goldengate_big_data oracle	`cpe:2.3:a:oracle:goldengate_big_data::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—

CVE-2023-37920

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-295 - Improper Certificate Validation

Affected products

Known affected 15 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—

CVE-2023-39410

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 21 products

Product	Identifier	Version
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—

CVE-2023-44487

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 43 products

Product	Identifier	Version
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:::::::*`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—

CVE-2023-44981

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Known affected 30 products

Product	Identifier	Version
oracle_goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:oracle_goldengate_stream_analytics::::::::`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—

CVE-2023-45288

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2023-48795

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-222 - Truncation of Security-relevant Information

Affected products

Known affected 45 products

Product	Identifier	Version
goldengate oracle	`cpe:2.3:a:oracle:goldengate:21.3-21.14:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:::::::*`	—
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:21.4.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup::::::::`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.3.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:23.10:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.3:::::::*`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:22.2.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—

CVE-2023-49083

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 26 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2023-51384

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-304 - Missing Critical Step in Authentication

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2023-51385

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2023-52425

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 15 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2023-52426

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Affected products

Known affected 15 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-1874

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Affected products

Known affected 3 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-2408

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-203 - Observable Discrepancy

Affected products

Known affected 3 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-2511

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 17 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.6:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-4577

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Affected products

Known affected 3 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-4603

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-606 - Unchecked Input for Loop Condition

Affected products

Known affected 17 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.6:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-4741

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-416 - Use After Free

Affected products

Known affected 17 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.6:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-5458

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 3 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-5535

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
database_-_security oracle	`cpe:2.3:a:oracle:database_-_security:23.4-23.5:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:::::::*`	—

CVE-2024-5585

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-116 - Improper Encoding or Escaping of Output

Affected products

Known affected 3 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-6119

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
database_-_security oracle	`cpe:2.3:a:oracle:database_-_security:23.4-23.5:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:::::::*`	—

CVE-2024-6232

CWE-1333 - Inefficient Regular Expression Complexity

CVE-2024-7264

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 4 products

Product	Identifier	Version
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.6:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:::::::*`	—

CVE-2024-7592

CWE-400 - Uncontrolled Resource Consumption

CVE-2024-21131

Affected products

Known affected 14 products

Product	Identifier	Version
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-21138

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 14 products

Product	Identifier	Version
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-21140

Affected products

Known affected 14 products

Product	Identifier	Version
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-21144

CWE-20 - Improper Input Validation

Affected products

Known affected 14 products

Product	Identifier	Version
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-21145

CWE-787 - Out-of-bounds Write

Affected products

Known affected 14 products

Product	Identifier	Version
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-21147

Affected products

Known affected 14 products

Product	Identifier	Version
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-21233

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Affected products

Known affected 3 products

Product	Identifier	Version
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:21.3-21.15:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:23.4-23.5:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:19.3-19.24:::::::*`	—

CVE-2024-21242

3.5 (Low)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

Affected products

Known affected 3 products

Product	Identifier	Version
database_-_xml_database oracle	`cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:::::::*`	—
database_-_xml_database oracle	`cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:::::::*`	—
database_-_xml_database oracle	`cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:::::::*`	—

CVE-2024-21251

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

Affected products

Known affected 3 products

Product	Identifier	Version
database_-_java_vm oracle	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:::::::*`	—
database_-_java_vm oracle	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:::::::*`	—
database_-_java_vm oracle	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:::::::*`	—

CVE-2024-21261

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

Affected products

Known affected 3 products

Product	Identifier	Version
oracle_application_express oracle_corporation	`cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:24.1:::::::*`	—

CVE-2024-22018

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H

CWE-275 - -

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-22020

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-22201

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 26 products

Product	Identifier	Version
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-23807

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 17 products

Product	Identifier	Version
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.6:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-23944

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 15 products

Product	Identifier	Version
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-24989

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-24990

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-416 - Use After Free

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-25710

8.1 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 28 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-26130

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 26 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-26308

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 28 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:23.1.0:::::::*`	—
autonomous_health_framework oracle	`cpe:2.3:a:oracle:autonomous_health_framework::::::::`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_veridata oracle	`cpe:2.3:a:oracle:goldengate_veridata::::::::`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics::::::::`	—
sqlcl oracle	`cpe:2.3:a:oracle:sqlcl::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:::::::*`	—
spatial_and_graph_mapviewer oracle	`cpe:2.3:a:oracle:spatial_and_graph_mapviewer::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.4.0.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-27983

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 14 products

Product	Identifier	Version
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-28182

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 15 products

Product	Identifier	Version
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:23.4-23.5:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-28849

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 15 products

Product	Identifier	Version
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-28887

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-427 - Uncontrolled Search Path Element

Affected products

Known affected 3 products

Product	Identifier	Version
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:21.3-21.15:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:23.4-23.5:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:19.3-19.24:::::::*`	—

CVE-2024-29025

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 20 products

Product	Identifier	Version
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:24.1.17:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:23.3.33:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:20.3.40:::::::*`	—
fleet_patching_and_provisioning_-_micronaut oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:22.3.45:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:21.2.71:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-29131

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 17 products

Product	Identifier	Version
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:24.3.0:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-29133

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 17 products

Product	Identifier	Version
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	—
sql_developer oracle	`cpe:2.3:a:oracle:sql_developer:24.3.0:::::::*`	—
goldengate_stream_analytics oracle	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
fleet_patching_and_provisioning oracle	`cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph::::::::`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.5.6:::::::*`	—
management_pack_for__goldengate oracle	`cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:::::::*`	—
goldengate oracle	`cpe:2.3:a:oracle:goldengate::::::::`	—
goldengate_big_data_and_application_adapters oracle	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters::::::::`	—
goldengate_studio oracle	`cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:::::::*`	—
graalvm_for_jdk oracle	`cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.4:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database:1.5:::::::*`	—
nosql_database oracle	`cpe:2.3:a:oracle:nosql_database::::::::`	—

CVE-2024-31079

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-32760

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-34161

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CWE-401 - Missing Release of Memory after Effective Lifetime

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-34750

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-755 - Improper Handling of Exceptional Conditions

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
database_-_grid oracle	`cpe:2.3:a:oracle:database_-_grid:19.3-19.24:::::::*`	—
database_-_grid oracle	`cpe:2.3:a:oracle:database_-_grid:21.3-21.15:::::::*`	—

CVE-2024-35200

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-36137

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H

CWE-275 - -

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-36138

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-36387

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-37370

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 3 products

Product	Identifier	Version
database_-_security oracle	`cpe:2.3:a:oracle:database_-_security:19.3-19.24:::::::*`	—
database_-_security oracle	`cpe:2.3:a:oracle:database_-_security:23.4-23.5:::::::*`	—
database_-_security oracle	`cpe:2.3:a:oracle:database_-_security:21.3-21.15:::::::*`	—

CVE-2024-37371

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 3 products

Product	Identifier	Version
database_-_security oracle	`cpe:2.3:a:oracle:database_-_security:19.3-19.24:::::::*`	—
database_-_security oracle	`cpe:2.3:a:oracle:database_-_security:23.4-23.5:::::::*`	—
database_-_security oracle	`cpe:2.3:a:oracle:database_-_security:21.3-21.15:::::::*`	—

CVE-2024-37372

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
blockchain_platform oracle	`cpe:2.3:a:oracle:blockchain_platform:21.1.2:::::::*`	—

CVE-2024-38356

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 3 products

Product	Identifier	Version
application_express oracle	`cpe:2.3:a:oracle:application_express:23.1:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:24.1:::::::*`	—

CVE-2024-38357

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 3 products

Product	Identifier	Version
application_express oracle	`cpe:2.3:a:oracle:application_express:23.1:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:24.1:::::::*`	—

CVE-2024-38472

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-38473

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE-172 - Encoding Error

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-38474

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-172 - Encoding Error

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-38475

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-284 - Improper Access Control

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-38476

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-38477

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-38998

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 4 products

Product	Identifier	Version
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:24.1:::::::*`	—

CVE-2024-38999

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 4 products

Product	Identifier	Version
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:::::::*`	—
spatial_and_graph oracle	`cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:24.1:::::::*`	—

CVE-2024-39573

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-39884

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-18 - -

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—

CVE-2024-40725

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 3 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.6:::::::*`	—

CVE-2024-40898

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 3 products

Product	Identifier	Version
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:::::::*`	—
secure_backup oracle	`cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:::::::*`	—
essbase oracle	`cpe:2.3:a:oracle:essbase:21.6:::::::*`	—

CVE-2024-45490

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 3 products

Product	Identifier	Version
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:21.3-21.15:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:23.4-23.5:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:19.3-19.24:::::::*`	—

CVE-2024-45491

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 3 products

Product	Identifier	Version
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:21.3-21.15:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:23.4-23.5:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:19.3-19.24:::::::*`	—

CVE-2024-45492

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 3 products

Product	Identifier	Version
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:21.3-21.15:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:23.4-23.5:::::::*`	—
database_-_core oracle	`cpe:2.3:a:oracle:database_-_core:19.3-19.24:::::::*`	—

CVE-2024-45801

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
application_express oracle	`cpe:2.3:a:oracle:application_express:23.2:::::::*`	—
application_express oracle	`cpe:2.3:a:oracle:application_express:24.1:::::::*`	—

References

105 references

URL	Category
https://www.oracle.com/security-alerts/cpuoct2024.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Handling of Length Parameter Inconsistency",
        "title": "CWE-130"
      },
      {
        "category": "general",
        "text": "Observable Timing Discrepancy",
        "title": "CWE-208"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
        "title": "CWE-776"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
        "title": "CWE-88"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Excessive Iteration",
        "title": "CWE-834"
      },
      {
        "category": "general",
        "text": "Inefficient Algorithmic Complexity",
        "title": "CWE-407"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Incorrect Permission Assignment for Critical Resource",
        "title": "CWE-732"
      },
      {
        "category": "general",
        "text": "Double Free",
        "title": "CWE-415"
      },
      {
        "category": "general",
        "text": "Missing Encryption of Sensitive Data",
        "title": "CWE-311"
      },
      {
        "category": "general",
        "text": "Uncontrolled Search Path Element",
        "title": "CWE-427"
      },
      {
        "category": "general",
        "text": "Encoding Error",
        "title": "CWE-172"
      },
      {
        "category": "general",
        "text": "Integer Overflow to Buffer Overflow",
        "title": "CWE-680"
      },
      {
        "category": "general",
        "text": "Untrusted Search Path",
        "title": "CWE-426"
      },
      {
        "category": "general",
        "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
        "title": "CWE-843"
      },
      {
        "category": "general",
        "text": "Improper Encoding or Escaping of Output",
        "title": "CWE-116"
      },
      {
        "category": "general",
        "text": "Insufficient Verification of Data Authenticity",
        "title": "CWE-345"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
        "title": "CWE-77"
      },
      {
        "category": "general",
        "text": "Observable Discrepancy",
        "title": "CWE-203"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Files or Directories Accessible to External Parties",
        "title": "CWE-552"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "CWE-275",
        "title": "CWE-275"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Inefficient Regular Expression Complexity",
        "title": "CWE-1333"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Missing Release of Memory after Effective Lifetime",
        "title": "CWE-401"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Exposure of Resource to Wrong Sphere",
        "title": "CWE-668"
      },
      {
        "category": "general",
        "text": "Inclusion of Functionality from Untrusted Control Sphere",
        "title": "CWE-829"
      },
      {
        "category": "general",
        "text": "Use of a Broken or Risky Cryptographic Algorithm",
        "title": "CWE-327"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
        "title": "CWE-78"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Incorrect Conversion between Numeric Types",
        "title": "CWE-681"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Alternate XSS Syntax",
        "title": "CWE-87"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "CWE-18",
        "title": "CWE-18"
      },
      {
        "category": "general",
        "text": "Covert Timing Channel",
        "title": "CWE-385"
      },
      {
        "category": "general",
        "text": "Unchecked Input for Loop Condition",
        "title": "CWE-606"
      },
      {
        "category": "general",
        "text": "Integer Coercion Error",
        "title": "CWE-192"
      },
      {
        "category": "general",
        "text": "Detection of Error Condition Without Action",
        "title": "CWE-390"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Sequential Memory Allocation",
        "title": "CWE-1325"
      },
      {
        "category": "general",
        "text": "Truncation of Security-relevant Information",
        "title": "CWE-222"
      },
      {
        "category": "general",
        "text": "Incorrect Calculation of Buffer Size",
        "title": "CWE-131"
      },
      {
        "category": "general",
        "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
        "title": "CWE-59"
      },
      {
        "category": "general",
        "text": "Missing Critical Step in Authentication",
        "title": "CWE-304"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
        "url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Database producten",
    "tracking": {
      "current_release_date": "2024-10-17T13:15:19.595269Z",
      "id": "NCSC-2024-0411",
      "initial_release_date": "2024-10-17T13:15:19.595269Z",
      "revision_history": [
        {
          "date": "2024-10-17T13:15:19.595269Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "database_-_grid",
            "product": {
              "name": "database_-_grid",
              "product_id": "CSAFPID-1673504",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_grid",
            "product": {
              "name": "database_-_grid",
              "product_id": "CSAFPID-1673506",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_core",
            "product": {
              "name": "database_-_core",
              "product_id": "CSAFPID-1673386",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_core",
            "product": {
              "name": "database_-_core",
              "product_id": "CSAFPID-1673385",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_core",
            "product": {
              "name": "database_-_core",
              "product_id": "CSAFPID-1673442",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_security",
            "product": {
              "name": "database_-_security",
              "product_id": "CSAFPID-1673507",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_security",
            "product": {
              "name": "database_-_security",
              "product_id": "CSAFPID-1673509",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_security",
            "product": {
              "name": "database_-_security",
              "product_id": "CSAFPID-1673508",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "spatial_and_graph_mapviewer",
            "product": {
              "name": "spatial_and_graph_mapviewer",
              "product_id": "CSAFPID-912561",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "spatial_and_graph",
            "product": {
              "name": "spatial_and_graph",
              "product_id": "CSAFPID-764250",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "spatial_and_graph",
            "product": {
              "name": "spatial_and_graph",
              "product_id": "CSAFPID-1673511",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "spatial_and_graph",
            "product": {
              "name": "spatial_and_graph",
              "product_id": "CSAFPID-1673512",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "spatial_and_graph",
            "product": {
              "name": "spatial_and_graph",
              "product_id": "CSAFPID-816800",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "spatial_and_graph",
            "product": {
              "name": "spatial_and_graph",
              "product_id": "CSAFPID-1673529",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fleet_patching_and_provisioning_-_micronaut",
            "product": {
              "name": "fleet_patching_and_provisioning_-_micronaut",
              "product_id": "CSAFPID-1673492",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "fleet_patching_and_provisioning",
            "product": {
              "name": "fleet_patching_and_provisioning",
              "product_id": "CSAFPID-1503603",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_xml_database",
            "product": {
              "name": "database_-_xml_database",
              "product_id": "CSAFPID-1673445",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_xml_database",
            "product": {
              "name": "database_-_xml_database",
              "product_id": "CSAFPID-1673443",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_xml_database",
            "product": {
              "name": "database_-_xml_database",
              "product_id": "CSAFPID-1673444",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_java_vm",
            "product": {
              "name": "database_-_java_vm",
              "product_id": "CSAFPID-1673451",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_java_vm",
            "product": {
              "name": "database_-_java_vm",
              "product_id": "CSAFPID-1673450",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "database_-_java_vm",
            "product": {
              "name": "database_-_java_vm",
              "product_id": "CSAFPID-1673452",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "autonomous_health_framework",
            "product": {
              "name": "autonomous_health_framework",
              "product_id": "CSAFPID-816798",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "autonomous_health_framework",
            "product": {
              "name": "autonomous_health_framework",
              "product_id": "CSAFPID-816799",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "autonomous_health_framework",
            "product": {
              "name": "autonomous_health_framework",
              "product_id": "CSAFPID-1673525",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-912046",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-1503299",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-816855",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-816361",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-912045",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-1503302",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-912044",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-1503306",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-816852",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-912600",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-816853",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-912601",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "graalvm_for_jdk",
            "product": {
              "name": "graalvm_for_jdk",
              "product_id": "CSAFPID-816854",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sqlcl",
            "product": {
              "name": "sqlcl",
              "product_id": "CSAFPID-816801",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sqlcl",
            "product": {
              "name": "sqlcl",
              "product_id": "CSAFPID-1673405",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "application_express_administration",
            "product": {
              "name": "application_express_administration",
              "product_id": "CSAFPID-764731",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "application_express_customers_plugin",
            "product": {
              "name": "application_express_customers_plugin",
              "product_id": "CSAFPID-764732",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "application_express_team_calendar_plugin",
            "product": {
              "name": "application_express_team_calendar_plugin",
              "product_id": "CSAFPID-764733",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "application_express",
            "product": {
              "name": "application_express",
              "product_id": "CSAFPID-266119",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "application_express",
            "product": {
              "name": "application_express",
              "product_id": "CSAFPID-1673510",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "application_express",
            "product": {
              "name": "application_express",
              "product_id": "CSAFPID-1503575",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "application_express",
            "product": {
              "name": "application_express",
              "product_id": "CSAFPID-1673188",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "autonomous_health_framework",
            "product": {
              "name": "autonomous_health_framework",
              "product_id": "CSAFPID-765238",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "autonomous_health_framework",
            "product": {
              "name": "autonomous_health_framework",
              "product_id": "CSAFPID-765239",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "blockchain_platform",
            "product": {
              "name": "blockchain_platform",
              "product_id": "CSAFPID-764779",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "blockchain_platform",
            "product": {
              "name": "blockchain_platform",
              "product_id": "CSAFPID-89587",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "essbase",
            "product": {
              "name": "essbase",
              "product_id": "CSAFPID-765259",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "essbase",
            "product": {
              "name": "essbase",
              "product_id": "CSAFPID-187448",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "essbase",
            "product": {
              "name": "essbase",
              "product_id": "CSAFPID-94075",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "essbase",
            "product": {
              "name": "essbase",
              "product_id": "CSAFPID-220886",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "essbase",
            "product": {
              "name": "essbase",
              "product_id": "CSAFPID-611394",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "essbase",
            "product": {
              "name": "essbase",
              "product_id": "CSAFPID-816317",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "essbase",
            "product": {
              "name": "essbase",
              "product_id": "CSAFPID-912567",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "essbase",
            "product": {
              "name": "essbase",
              "product_id": "CSAFPID-1503612",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "essbase",
            "product": {
              "name": "essbase",
              "product_id": "CSAFPID-1673479",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "oracle_essbase",
            "product": {
              "name": "oracle_essbase",
              "product_id": "CSAFPID-1650506",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_big_data_and_application_adapters",
            "product": {
              "name": "goldengate_big_data_and_application_adapters",
              "product_id": "CSAFPID-816845",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_big_data_and_application_adapters",
            "product": {
              "name": "goldengate_big_data_and_application_adapters",
              "product_id": "CSAFPID-1650825",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_big_data_and_application_adapters",
            "product": {
              "name": "goldengate_big_data_and_application_adapters",
              "product_id": "CSAFPID-1673404",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_big_data_and_application_adapters",
            "product": {
              "name": "goldengate_big_data_and_application_adapters",
              "product_id": "CSAFPID-1650831",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_big_data",
            "product": {
              "name": "goldengate_big_data",
              "product_id": "CSAFPID-764274",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_stream_analytics",
            "product": {
              "name": "goldengate_stream_analytics",
              "product_id": "CSAFPID-764752",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_stream_analytics",
            "product": {
              "name": "goldengate_stream_analytics",
              "product_id": "CSAFPID-1673384",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_stream_analytics",
            "product": {
              "name": "goldengate_stream_analytics",
              "product_id": "CSAFPID-220192",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_stream_analytics",
            "product": {
              "name": "goldengate_stream_analytics",
              "product_id": "CSAFPID-220193",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_studio",
            "product": {
              "name": "goldengate_studio",
              "product_id": "CSAFPID-816846",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_studio",
            "product": {
              "name": "goldengate_studio",
              "product_id": "CSAFPID-611390",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_studio",
            "product": {
              "name": "goldengate_studio",
              "product_id": "CSAFPID-764803",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate_veridata",
            "product": {
              "name": "goldengate_veridata",
              "product_id": "CSAFPID-764275",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate",
            "product": {
              "name": "goldengate",
              "product_id": "CSAFPID-342816",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate",
            "product": {
              "name": "goldengate",
              "product_id": "CSAFPID-1650767",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate",
            "product": {
              "name": "goldengate",
              "product_id": "CSAFPID-485902",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate",
            "product": {
              "name": "goldengate",
              "product_id": "CSAFPID-1503736",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate",
            "product": {
              "name": "goldengate",
              "product_id": "CSAFPID-219912",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate",
            "product": {
              "name": "goldengate",
              "product_id": "CSAFPID-1503739",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate",
            "product": {
              "name": "goldengate",
              "product_id": "CSAFPID-1650765",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "goldengate",
            "product": {
              "name": "goldengate",
              "product_id": "CSAFPID-1503738",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "oracle_goldengate_stream_analytics",
            "product": {
              "name": "oracle_goldengate_stream_analytics",
              "product_id": "CSAFPID-1650515",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "management_pack_for__goldengate",
            "product": {
              "name": "management_pack_for__goldengate",
              "product_id": "CSAFPID-764861",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "management_pack_for__goldengate",
            "product": {
              "name": "management_pack_for__goldengate",
              "product_id": "CSAFPID-1503640",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "oracle_goldengate_studio",
            "product": {
              "name": "oracle_goldengate_studio",
              "product_id": "CSAFPID-1650835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "oracle_goldengate",
            "product": {
              "name": "oracle_goldengate",
              "product_id": "CSAFPID-1650575",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-764813",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1503661",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1503663",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1673497",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-764764",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-764765",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1673491",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-764766",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1673495",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-764767",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1673493",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1673489",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1673488",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1650757",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1650758",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1650761",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1650760",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "nosql_database",
            "product": {
              "name": "nosql_database",
              "product_id": "CSAFPID-1650759",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "oracle_nosql_database",
            "product": {
              "name": "oracle_nosql_database",
              "product_id": "CSAFPID-1650584",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "oracle_secure_backup",
            "product": {
              "name": "oracle_secure_backup",
              "product_id": "CSAFPID-1650563",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "secure_backup",
            "product": {
              "name": "secure_backup",
              "product_id": "CSAFPID-667692",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "secure_backup",
            "product": {
              "name": "secure_backup",
              "product_id": "CSAFPID-345049",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "secure_backup",
            "product": {
              "name": "secure_backup",
              "product_id": "CSAFPID-611417",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "secure_backup",
            "product": {
              "name": "secure_backup",
              "product_id": "CSAFPID-1673422",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "oracle_sql_developer",
            "product": {
              "name": "oracle_sql_developer",
              "product_id": "CSAFPID-1650638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sql_developer",
            "product": {
              "name": "sql_developer",
              "product_id": "CSAFPID-764822",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sql_developer",
            "product": {
              "name": "sql_developer",
              "product_id": "CSAFPID-220643",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sql_developer",
            "product": {
              "name": "sql_developer",
              "product_id": "CSAFPID-816870",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sql_developer",
            "product": {
              "name": "sql_developer",
              "product_id": "CSAFPID-816871",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sql_developer",
            "product": {
              "name": "sql_developer",
              "product_id": "CSAFPID-1673397",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "oracle_application_express",
            "product": {
              "name": "oracle_application_express",
              "product_id": "CSAFPID-1673144",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle_corporation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-1471",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764731",
          "CSAFPID-764732",
          "CSAFPID-764733",
          "CSAFPID-764250",
          "CSAFPID-611394",
          "CSAFPID-764274",
          "CSAFPID-764275",
          "CSAFPID-611390",
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-764764",
          "CSAFPID-764765",
          "CSAFPID-764766",
          "CSAFPID-764767",
          "CSAFPID-764779",
          "CSAFPID-94075",
          "CSAFPID-220886",
          "CSAFPID-764803",
          "CSAFPID-764813",
          "CSAFPID-342816",
          "CSAFPID-764752",
          "CSAFPID-764822",
          "CSAFPID-1650515",
          "CSAFPID-1650638",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816317",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-89587",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816361",
          "CSAFPID-220643",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-667692",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-912046",
          "CSAFPID-912045",
          "CSAFPID-912044"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-1471",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json"
        }
      ],
      "title": "CVE-2022-1471"
    },
    {
      "cve": "CVE-2022-34169",
      "cwe": {
        "id": "CWE-192",
        "name": "Integer Coercion Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Coercion Error",
          "title": "CWE-192"
        },
        {
          "category": "other",
          "text": "Incorrect Conversion between Numeric Types",
          "title": "CWE-681"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764779",
          "CSAFPID-94075",
          "CSAFPID-342816",
          "CSAFPID-764803",
          "CSAFPID-764813",
          "CSAFPID-764822",
          "CSAFPID-764752",
          "CSAFPID-764275",
          "CSAFPID-764861",
          "CSAFPID-266119",
          "CSAFPID-187448",
          "CSAFPID-219912",
          "CSAFPID-765238",
          "CSAFPID-765239",
          "CSAFPID-765259",
          "CSAFPID-667692",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-764250",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816317",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816361",
          "CSAFPID-220643",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-1673384",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-912046",
          "CSAFPID-912045",
          "CSAFPID-912044",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-34169",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764779",
            "CSAFPID-94075",
            "CSAFPID-342816",
            "CSAFPID-764803",
            "CSAFPID-764813",
            "CSAFPID-764822",
            "CSAFPID-764752",
            "CSAFPID-764275",
            "CSAFPID-764861",
            "CSAFPID-266119",
            "CSAFPID-187448",
            "CSAFPID-219912",
            "CSAFPID-765238",
            "CSAFPID-765239",
            "CSAFPID-765259",
            "CSAFPID-667692",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-764250",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-816317",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816361",
            "CSAFPID-220643",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-1673384",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-912046",
            "CSAFPID-912045",
            "CSAFPID-912044",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663"
          ]
        }
      ],
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2022-36033",
      "cwe": {
        "id": "CWE-87",
        "name": "Improper Neutralization of Alternate XSS Syntax"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Alternate XSS Syntax",
          "title": "CWE-87"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764250",
          "CSAFPID-611394",
          "CSAFPID-764731",
          "CSAFPID-764732",
          "CSAFPID-764733",
          "CSAFPID-764274",
          "CSAFPID-764275",
          "CSAFPID-611390",
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-764764",
          "CSAFPID-764765",
          "CSAFPID-764766",
          "CSAFPID-764767",
          "CSAFPID-764779",
          "CSAFPID-220886",
          "CSAFPID-94075",
          "CSAFPID-764803",
          "CSAFPID-342816",
          "CSAFPID-764752",
          "CSAFPID-764861",
          "CSAFPID-764813",
          "CSAFPID-764822",
          "CSAFPID-266119",
          "CSAFPID-187448",
          "CSAFPID-1650515",
          "CSAFPID-1650835",
          "CSAFPID-219912",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816317",
          "CSAFPID-667692",
          "CSAFPID-1673384",
          "CSAFPID-912561",
          "CSAFPID-1503575",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816361",
          "CSAFPID-220643",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-912567",
          "CSAFPID-1503603",
          "CSAFPID-1503612",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-912046",
          "CSAFPID-912045",
          "CSAFPID-912044",
          "CSAFPID-1503640",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-36033",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764250",
            "CSAFPID-611394",
            "CSAFPID-764731",
            "CSAFPID-764732",
            "CSAFPID-764733",
            "CSAFPID-764274",
            "CSAFPID-764275",
            "CSAFPID-611390",
            "CSAFPID-345049",
            "CSAFPID-611417",
            "CSAFPID-764764",
            "CSAFPID-764765",
            "CSAFPID-764766",
            "CSAFPID-764767",
            "CSAFPID-764779",
            "CSAFPID-220886",
            "CSAFPID-94075",
            "CSAFPID-764803",
            "CSAFPID-342816",
            "CSAFPID-764752",
            "CSAFPID-764861",
            "CSAFPID-764813",
            "CSAFPID-764822",
            "CSAFPID-266119",
            "CSAFPID-187448",
            "CSAFPID-1650515",
            "CSAFPID-1650835",
            "CSAFPID-219912",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-816317",
            "CSAFPID-667692",
            "CSAFPID-1673384",
            "CSAFPID-912561",
            "CSAFPID-1503575",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816361",
            "CSAFPID-220643",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-912567",
            "CSAFPID-1503603",
            "CSAFPID-1503612",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-912046",
            "CSAFPID-912045",
            "CSAFPID-912044",
            "CSAFPID-1503640",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663"
          ]
        }
      ],
      "title": "CVE-2022-36033"
    },
    {
      "cve": "CVE-2022-37454",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "other",
          "text": "Integer Overflow to Buffer Overflow",
          "title": "CWE-680"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764250",
          "CSAFPID-611394",
          "CSAFPID-764274",
          "CSAFPID-764275",
          "CSAFPID-611390",
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-764731",
          "CSAFPID-764732",
          "CSAFPID-764733",
          "CSAFPID-220886",
          "CSAFPID-342816",
          "CSAFPID-764752",
          "CSAFPID-764764",
          "CSAFPID-764765",
          "CSAFPID-764766",
          "CSAFPID-764767",
          "CSAFPID-764779",
          "CSAFPID-94075",
          "CSAFPID-764803",
          "CSAFPID-764813",
          "CSAFPID-764822",
          "CSAFPID-1650563",
          "CSAFPID-89587",
          "CSAFPID-764861"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-37454",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764250",
            "CSAFPID-611394",
            "CSAFPID-764274",
            "CSAFPID-764275",
            "CSAFPID-611390",
            "CSAFPID-345049",
            "CSAFPID-611417",
            "CSAFPID-764731",
            "CSAFPID-764732",
            "CSAFPID-764733",
            "CSAFPID-220886",
            "CSAFPID-342816",
            "CSAFPID-764752",
            "CSAFPID-764764",
            "CSAFPID-764765",
            "CSAFPID-764766",
            "CSAFPID-764767",
            "CSAFPID-764779",
            "CSAFPID-94075",
            "CSAFPID-764803",
            "CSAFPID-764813",
            "CSAFPID-764822",
            "CSAFPID-1650563",
            "CSAFPID-89587",
            "CSAFPID-764861"
          ]
        }
      ],
      "title": "CVE-2022-37454"
    },
    {
      "cve": "CVE-2022-38136",
      "product_status": {
        "known_affected": [
          "CSAFPID-1673385",
          "CSAFPID-1673386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-38136",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json"
        }
      ],
      "title": "CVE-2022-38136"
    },
    {
      "cve": "CVE-2022-40196",
      "product_status": {
        "known_affected": [
          "CSAFPID-1673385",
          "CSAFPID-1673386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-40196",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json"
        }
      ],
      "title": "CVE-2022-40196"
    },
    {
      "cve": "CVE-2022-41342",
      "product_status": {
        "known_affected": [
          "CSAFPID-1673385",
          "CSAFPID-1673386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-41342",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json"
        }
      ],
      "title": "CVE-2022-41342"
    },
    {
      "cve": "CVE-2022-42919",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Encryption of Sensitive Data",
          "title": "CWE-311"
        },
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764250",
          "CSAFPID-611394",
          "CSAFPID-764274",
          "CSAFPID-764275",
          "CSAFPID-611390",
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-764731",
          "CSAFPID-764732",
          "CSAFPID-764733",
          "CSAFPID-220886",
          "CSAFPID-342816",
          "CSAFPID-764752",
          "CSAFPID-764764",
          "CSAFPID-764765",
          "CSAFPID-764766",
          "CSAFPID-764767",
          "CSAFPID-764779",
          "CSAFPID-94075",
          "CSAFPID-764803",
          "CSAFPID-764813",
          "CSAFPID-764822",
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-42919",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json"
        }
      ],
      "title": "CVE-2022-42919"
    },
    {
      "cve": "CVE-2022-45061",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Inefficient Algorithmic Complexity",
          "title": "CWE-407"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-764731",
          "CSAFPID-764732",
          "CSAFPID-764733",
          "CSAFPID-220886",
          "CSAFPID-764250",
          "CSAFPID-611394",
          "CSAFPID-342816",
          "CSAFPID-764752",
          "CSAFPID-764764",
          "CSAFPID-764765",
          "CSAFPID-764766",
          "CSAFPID-764767",
          "CSAFPID-764779",
          "CSAFPID-94075",
          "CSAFPID-764274",
          "CSAFPID-764275",
          "CSAFPID-611390",
          "CSAFPID-764803",
          "CSAFPID-764813",
          "CSAFPID-764822",
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-45061",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417",
            "CSAFPID-764731",
            "CSAFPID-764732",
            "CSAFPID-764733",
            "CSAFPID-220886",
            "CSAFPID-764250",
            "CSAFPID-611394",
            "CSAFPID-342816",
            "CSAFPID-764752",
            "CSAFPID-764764",
            "CSAFPID-764765",
            "CSAFPID-764766",
            "CSAFPID-764767",
            "CSAFPID-764779",
            "CSAFPID-94075",
            "CSAFPID-764274",
            "CSAFPID-764275",
            "CSAFPID-611390",
            "CSAFPID-764803",
            "CSAFPID-764813",
            "CSAFPID-764822",
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2022-45061"
    },
    {
      "cve": "CVE-2022-46337",
      "product_status": {
        "known_affected": [
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-1673384",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-764752",
          "CSAFPID-764275",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-912046",
          "CSAFPID-912045",
          "CSAFPID-912044",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-1503612",
          "CSAFPID-764250",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816317",
          "CSAFPID-816845",
          "CSAFPID-342816",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-1503640",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-816361",
          "CSAFPID-764813",
          "CSAFPID-220643",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-667692"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-46337",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-1673384",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-764752",
            "CSAFPID-764275",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-912046",
            "CSAFPID-912045",
            "CSAFPID-912044",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-1503612",
            "CSAFPID-764250",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-816317",
            "CSAFPID-816845",
            "CSAFPID-342816",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-1503640",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-816361",
            "CSAFPID-764813",
            "CSAFPID-220643",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-667692"
          ]
        }
      ],
      "title": "CVE-2022-46337"
    },
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "notes": [
        {
          "category": "other",
          "text": "Files or Directories Accessible to External Parties",
          "title": "CWE-552"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650584",
          "CSAFPID-1650835",
          "CSAFPID-1650506",
          "CSAFPID-1650515",
          "CSAFPID-816317",
          "CSAFPID-816845",
          "CSAFPID-342816",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816361",
          "CSAFPID-764813",
          "CSAFPID-220643",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-667692",
          "CSAFPID-89587",
          "CSAFPID-1673397",
          "CSAFPID-764274",
          "CSAFPID-764275",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-345049",
          "CSAFPID-816801",
          "CSAFPID-611390",
          "CSAFPID-611394",
          "CSAFPID-611417",
          "CSAFPID-764250",
          "CSAFPID-764752",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-2976",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650584",
            "CSAFPID-1650835",
            "CSAFPID-1650506",
            "CSAFPID-1650515",
            "CSAFPID-816317",
            "CSAFPID-816845",
            "CSAFPID-342816",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816361",
            "CSAFPID-764813",
            "CSAFPID-220643",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-667692",
            "CSAFPID-89587",
            "CSAFPID-1673397",
            "CSAFPID-764274",
            "CSAFPID-764275",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-345049",
            "CSAFPID-816801",
            "CSAFPID-611390",
            "CSAFPID-611394",
            "CSAFPID-611417",
            "CSAFPID-764250",
            "CSAFPID-764752",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663"
          ]
        }
      ],
      "title": "CVE-2023-2976"
    },
    {
      "cve": "CVE-2023-4043",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "other",
          "text": "Excessive Iteration",
          "title": "CWE-834"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673405",
          "CSAFPID-1673397",
          "CSAFPID-220643",
          "CSAFPID-342816",
          "CSAFPID-667692",
          "CSAFPID-764250",
          "CSAFPID-764813",
          "CSAFPID-816317",
          "CSAFPID-816361",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4043",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673405",
            "CSAFPID-1673397",
            "CSAFPID-220643",
            "CSAFPID-342816",
            "CSAFPID-667692",
            "CSAFPID-764250",
            "CSAFPID-764813",
            "CSAFPID-816317",
            "CSAFPID-816361",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663"
          ]
        }
      ],
      "title": "CVE-2023-4043"
    },
    {
      "cve": "CVE-2023-4759",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
          "title": "CWE-59"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673397",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4759",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673397",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2023-4759"
    },
    {
      "cve": "CVE-2023-4863",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587",
          "CSAFPID-816846",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-342816",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-816798",
          "CSAFPID-816801"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4863",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json"
        }
      ],
      "title": "CVE-2023-4863"
    },
    {
      "cve": "CVE-2023-5072",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650575",
          "CSAFPID-1650515",
          "CSAFPID-1650835",
          "CSAFPID-89587",
          "CSAFPID-220643",
          "CSAFPID-342816",
          "CSAFPID-667692",
          "CSAFPID-764250",
          "CSAFPID-764813",
          "CSAFPID-816317",
          "CSAFPID-816361",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5072",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650575",
            "CSAFPID-1650515",
            "CSAFPID-1650835",
            "CSAFPID-89587",
            "CSAFPID-220643",
            "CSAFPID-342816",
            "CSAFPID-667692",
            "CSAFPID-764250",
            "CSAFPID-764813",
            "CSAFPID-816317",
            "CSAFPID-816361",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663"
          ]
        }
      ],
      "title": "CVE-2023-5072"
    },
    {
      "cve": "CVE-2023-26031",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "Untrusted Search Path",
          "title": "CWE-426"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673384",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26031",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673384",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2023-26031"
    },
    {
      "cve": "CVE-2023-26551",
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26551",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 0.0,
            "baseSeverity": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2023-26551"
    },
    {
      "cve": "CVE-2023-26552",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26552",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2023-26552"
    },
    {
      "cve": "CVE-2023-26553",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26553",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2023-26553"
    },
    {
      "cve": "CVE-2023-26554",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26554",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2023-26554"
    },
    {
      "cve": "CVE-2023-26555",
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26555",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2023-26555"
    },
    {
      "cve": "CVE-2023-28484",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764250",
          "CSAFPID-764731",
          "CSAFPID-764732",
          "CSAFPID-764733",
          "CSAFPID-220886",
          "CSAFPID-816317",
          "CSAFPID-764813",
          "CSAFPID-89587",
          "CSAFPID-342816",
          "CSAFPID-345049",
          "CSAFPID-764752",
          "CSAFPID-764764",
          "CSAFPID-764765",
          "CSAFPID-764766",
          "CSAFPID-764767",
          "CSAFPID-611390",
          "CSAFPID-611394",
          "CSAFPID-611417",
          "CSAFPID-764274",
          "CSAFPID-764275",
          "CSAFPID-220643",
          "CSAFPID-667692",
          "CSAFPID-816361",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816870",
          "CSAFPID-816871"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-28484",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764250",
            "CSAFPID-764731",
            "CSAFPID-764732",
            "CSAFPID-764733",
            "CSAFPID-220886",
            "CSAFPID-816317",
            "CSAFPID-764813",
            "CSAFPID-89587",
            "CSAFPID-342816",
            "CSAFPID-345049",
            "CSAFPID-764752",
            "CSAFPID-764764",
            "CSAFPID-764765",
            "CSAFPID-764766",
            "CSAFPID-764767",
            "CSAFPID-611390",
            "CSAFPID-611394",
            "CSAFPID-611417",
            "CSAFPID-764274",
            "CSAFPID-764275",
            "CSAFPID-220643",
            "CSAFPID-667692",
            "CSAFPID-816361",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816870",
            "CSAFPID-816871"
          ]
        }
      ],
      "title": "CVE-2023-28484"
    },
    {
      "cve": "CVE-2023-29469",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Double Free",
          "title": "CWE-415"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-611417",
          "CSAFPID-764731",
          "CSAFPID-764732",
          "CSAFPID-764733",
          "CSAFPID-816317",
          "CSAFPID-89587",
          "CSAFPID-220886",
          "CSAFPID-342816",
          "CSAFPID-345049",
          "CSAFPID-764752",
          "CSAFPID-611390",
          "CSAFPID-611394",
          "CSAFPID-764764",
          "CSAFPID-764765",
          "CSAFPID-764766",
          "CSAFPID-764767",
          "CSAFPID-764274",
          "CSAFPID-764275",
          "CSAFPID-220643",
          "CSAFPID-667692",
          "CSAFPID-764813",
          "CSAFPID-816361",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-764250",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816870",
          "CSAFPID-816871"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-29469",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-611417",
            "CSAFPID-764731",
            "CSAFPID-764732",
            "CSAFPID-764733",
            "CSAFPID-816317",
            "CSAFPID-89587",
            "CSAFPID-220886",
            "CSAFPID-342816",
            "CSAFPID-345049",
            "CSAFPID-764752",
            "CSAFPID-611390",
            "CSAFPID-611394",
            "CSAFPID-764764",
            "CSAFPID-764765",
            "CSAFPID-764766",
            "CSAFPID-764767",
            "CSAFPID-764274",
            "CSAFPID-764275",
            "CSAFPID-220643",
            "CSAFPID-667692",
            "CSAFPID-764813",
            "CSAFPID-816361",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-764250",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816870",
            "CSAFPID-816871"
          ]
        }
      ],
      "title": "CVE-2023-29469"
    },
    {
      "cve": "CVE-2023-33201",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-764250",
          "CSAFPID-611394",
          "CSAFPID-1650584",
          "CSAFPID-1673397",
          "CSAFPID-912561",
          "CSAFPID-345049",
          "CSAFPID-611390",
          "CSAFPID-611417",
          "CSAFPID-764274",
          "CSAFPID-764275",
          "CSAFPID-220643",
          "CSAFPID-342816",
          "CSAFPID-667692",
          "CSAFPID-764813",
          "CSAFPID-816317",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816361",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-764752",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-816855",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-33201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-764250",
            "CSAFPID-611394",
            "CSAFPID-1650584",
            "CSAFPID-1673397",
            "CSAFPID-912561",
            "CSAFPID-345049",
            "CSAFPID-611390",
            "CSAFPID-611417",
            "CSAFPID-764274",
            "CSAFPID-764275",
            "CSAFPID-220643",
            "CSAFPID-342816",
            "CSAFPID-667692",
            "CSAFPID-764813",
            "CSAFPID-816317",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816361",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-764752",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-816855",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663"
          ]
        }
      ],
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-37920",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        },
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587",
          "CSAFPID-1503575",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-37920",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587",
            "CSAFPID-1503575",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612"
          ]
        }
      ],
      "title": "CVE-2023-37920"
    },
    {
      "cve": "CVE-2023-39410",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673404",
          "CSAFPID-1673384",
          "CSAFPID-220643",
          "CSAFPID-342816",
          "CSAFPID-667692",
          "CSAFPID-764250",
          "CSAFPID-764813",
          "CSAFPID-816317",
          "CSAFPID-816361",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816870",
          "CSAFPID-816871"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-39410",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673404",
            "CSAFPID-1673384",
            "CSAFPID-220643",
            "CSAFPID-342816",
            "CSAFPID-667692",
            "CSAFPID-764250",
            "CSAFPID-764813",
            "CSAFPID-816317",
            "CSAFPID-816361",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816870",
            "CSAFPID-816871"
          ]
        }
      ],
      "title": "CVE-2023-39410"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650757",
          "CSAFPID-1650758",
          "CSAFPID-1650759",
          "CSAFPID-1650760",
          "CSAFPID-1650761",
          "CSAFPID-89587",
          "CSAFPID-816361",
          "CSAFPID-220643",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-667692",
          "CSAFPID-764250",
          "CSAFPID-764813",
          "CSAFPID-816317",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-1503603",
          "CSAFPID-1503575",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44487",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650757",
            "CSAFPID-1650758",
            "CSAFPID-1650759",
            "CSAFPID-1650760",
            "CSAFPID-1650761",
            "CSAFPID-89587",
            "CSAFPID-816361",
            "CSAFPID-220643",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-667692",
            "CSAFPID-764250",
            "CSAFPID-764813",
            "CSAFPID-816317",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-1503603",
            "CSAFPID-1503575",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663"
          ]
        }
      ],
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-44981",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650515",
          "CSAFPID-89587",
          "CSAFPID-220643",
          "CSAFPID-342816",
          "CSAFPID-667692",
          "CSAFPID-764250",
          "CSAFPID-764813",
          "CSAFPID-816317",
          "CSAFPID-816361",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44981",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650515",
            "CSAFPID-89587",
            "CSAFPID-220643",
            "CSAFPID-342816",
            "CSAFPID-667692",
            "CSAFPID-764250",
            "CSAFPID-764813",
            "CSAFPID-816317",
            "CSAFPID-816361",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601"
          ]
        }
      ],
      "title": "CVE-2023-44981"
    },
    {
      "cve": "CVE-2023-45288",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-45288",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2023-45288"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Truncation of Security-relevant Information",
          "title": "CWE-222"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650765",
          "CSAFPID-1650757",
          "CSAFPID-1650758",
          "CSAFPID-1650767",
          "CSAFPID-1650759",
          "CSAFPID-1650760",
          "CSAFPID-1650761",
          "CSAFPID-89587",
          "CSAFPID-220643",
          "CSAFPID-342816",
          "CSAFPID-667692",
          "CSAFPID-764250",
          "CSAFPID-764813",
          "CSAFPID-816317",
          "CSAFPID-816361",
          "CSAFPID-816798",
          "CSAFPID-816799",
          "CSAFPID-816800",
          "CSAFPID-816801",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-816852",
          "CSAFPID-816853",
          "CSAFPID-816854",
          "CSAFPID-816855",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-816870",
          "CSAFPID-816871",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-1503603",
          "CSAFPID-1503612",
          "CSAFPID-1503575",
          "CSAFPID-1503640",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-48795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650765",
            "CSAFPID-1650757",
            "CSAFPID-1650758",
            "CSAFPID-1650767",
            "CSAFPID-1650759",
            "CSAFPID-1650760",
            "CSAFPID-1650761",
            "CSAFPID-89587",
            "CSAFPID-220643",
            "CSAFPID-342816",
            "CSAFPID-667692",
            "CSAFPID-764250",
            "CSAFPID-764813",
            "CSAFPID-816317",
            "CSAFPID-816361",
            "CSAFPID-816798",
            "CSAFPID-816799",
            "CSAFPID-816800",
            "CSAFPID-816801",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-816852",
            "CSAFPID-816853",
            "CSAFPID-816854",
            "CSAFPID-816855",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-816870",
            "CSAFPID-816871",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-1503603",
            "CSAFPID-1503612",
            "CSAFPID-1503575",
            "CSAFPID-1503640",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-49083",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587",
          "CSAFPID-342816",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-816798",
          "CSAFPID-816801",
          "CSAFPID-816846",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-816845",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-49083",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587",
            "CSAFPID-342816",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-816798",
            "CSAFPID-816801",
            "CSAFPID-816846",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-816845",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2023-49083"
    },
    {
      "cve": "CVE-2023-51384",
      "cwe": {
        "id": "CWE-304",
        "name": "Missing Critical Step in Authentication"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Critical Step in Authentication",
          "title": "CWE-304"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51384",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2023-51384"
    },
    {
      "cve": "CVE-2023-51385",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51385",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2023-51385"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52425",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-52426",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
          "title": "CWE-776"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52426",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2023-52426"
    },
    {
      "cve": "CVE-2024-1874",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
          "title": "CWE-77"
        },
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673422",
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-1874",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673422",
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-1874"
    },
    {
      "cve": "CVE-2024-2408",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "other",
          "text": "Observable Discrepancy",
          "title": "CWE-203"
        },
        {
          "category": "other",
          "text": "Observable Timing Discrepancy",
          "title": "CWE-208"
        },
        {
          "category": "other",
          "text": "Use of a Broken or Risky Cryptographic Algorithm",
          "title": "CWE-327"
        },
        {
          "category": "other",
          "text": "Covert Timing Channel",
          "title": "CWE-385"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673422",
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2408",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673422",
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-2408"
    },
    {
      "cve": "CVE-2024-2511",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improperly Controlled Sequential Memory Allocation",
          "title": "CWE-1325"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-1673479",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2511",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417",
            "CSAFPID-1673479",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-4577",
      "cwe": {
        "id": "CWE-88",
        "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
          "title": "CWE-88"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673422",
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4577",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673422",
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-4577"
    },
    {
      "cve": "CVE-2024-4603",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unchecked Input for Loop Condition",
          "title": "CWE-606"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-1673479",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4603",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417",
            "CSAFPID-1673479",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-4603"
    },
    {
      "cve": "CVE-2024-4741",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-1673479",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4741",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417",
            "CSAFPID-1673479",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-4741"
    },
    {
      "cve": "CVE-2024-5458",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673422",
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5458",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673422",
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-5458"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673508",
          "CSAFPID-1673525"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5535",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673508",
            "CSAFPID-1673525"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-5585",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
          "title": "CWE-88"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673422",
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5585",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673422",
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-5585"
    },
    {
      "cve": "CVE-2024-6119",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
          "title": "CWE-843"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673508",
          "CSAFPID-1673525"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6119",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673508",
            "CSAFPID-1673525"
          ]
        }
      ],
      "title": "CVE-2024-6119"
    },
    {
      "cve": "CVE-2024-6232",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6232",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json"
        }
      ],
      "title": "CVE-2024-6232"
    },
    {
      "cve": "CVE-2024-7264",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673529",
          "CSAFPID-1673479",
          "CSAFPID-1673511",
          "CSAFPID-1673512"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7264",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673529",
            "CSAFPID-1673479",
            "CSAFPID-1673511",
            "CSAFPID-1673512"
          ]
        }
      ],
      "title": "CVE-2024-7264"
    },
    {
      "cve": "CVE-2024-7592",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7592",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json"
        }
      ],
      "title": "CVE-2024-7592"
    },
    {
      "cve": "CVE-2024-21131",
      "product_status": {
        "known_affected": [
          "CSAFPID-1503299",
          "CSAFPID-1503306",
          "CSAFPID-1503302",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21131",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json"
        }
      ],
      "title": "CVE-2024-21131"
    },
    {
      "cve": "CVE-2024-21138",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21138",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json"
        }
      ],
      "title": "CVE-2024-21138"
    },
    {
      "cve": "CVE-2024-21140",
      "product_status": {
        "known_affected": [
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503299",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21140",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json"
        }
      ],
      "title": "CVE-2024-21140"
    },
    {
      "cve": "CVE-2024-21144",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21144",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json"
        }
      ],
      "title": "CVE-2024-21144"
    },
    {
      "cve": "CVE-2024-21145",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503299",
          "CSAFPID-1503306",
          "CSAFPID-1503302",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21145",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json"
        }
      ],
      "title": "CVE-2024-21145"
    },
    {
      "cve": "CVE-2024-21147",
      "product_status": {
        "known_affected": [
          "CSAFPID-1503306",
          "CSAFPID-1503302",
          "CSAFPID-1503299",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21147",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json"
        }
      ],
      "title": "CVE-2024-21147"
    },
    {
      "cve": "CVE-2024-21233",
      "product_status": {
        "known_affected": [
          "CSAFPID-1673385",
          "CSAFPID-1673442",
          "CSAFPID-1673386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21233",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673385",
            "CSAFPID-1673442",
            "CSAFPID-1673386"
          ]
        }
      ],
      "title": "CVE-2024-21233"
    },
    {
      "cve": "CVE-2024-21242",
      "product_status": {
        "known_affected": [
          "CSAFPID-1673443",
          "CSAFPID-1673444",
          "CSAFPID-1673445"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21242",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673443",
            "CSAFPID-1673444",
            "CSAFPID-1673445"
          ]
        }
      ],
      "title": "CVE-2024-21242"
    },
    {
      "cve": "CVE-2024-21251",
      "product_status": {
        "known_affected": [
          "CSAFPID-1673450",
          "CSAFPID-1673451",
          "CSAFPID-1673452"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21251",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673450",
            "CSAFPID-1673451",
            "CSAFPID-1673452"
          ]
        }
      ],
      "title": "CVE-2024-21251"
    },
    {
      "cve": "CVE-2024-21261",
      "product_status": {
        "known_affected": [
          "CSAFPID-1673144",
          "CSAFPID-1503575",
          "CSAFPID-1673188"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21261",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673144",
            "CSAFPID-1503575",
            "CSAFPID-1673188"
          ]
        }
      ],
      "title": "CVE-2024-21261"
    },
    {
      "cve": "CVE-2024-22018",
      "cwe": {
        "id": "CWE-275",
        "name": "-"
      },
      "notes": [
        {
          "category": "other",
          "text": "CWE-275",
          "title": "CWE-275"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22018",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2024-22018"
    },
    {
      "cve": "CVE-2024-22020",
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22020",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2024-22020"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673384",
          "CSAFPID-342816",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-816798",
          "CSAFPID-816801",
          "CSAFPID-816846",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-816845",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673384",
            "CSAFPID-342816",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-816798",
            "CSAFPID-816801",
            "CSAFPID-816846",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-816845",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-23807",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650831",
          "CSAFPID-1650825",
          "CSAFPID-1673479",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23807",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650831",
            "CSAFPID-1650825",
            "CSAFPID-1673479",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-23944",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673384",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23944",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673384",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-23944"
    },
    {
      "cve": "CVE-2024-24989",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24989",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json"
        }
      ],
      "title": "CVE-2024-24989"
    },
    {
      "cve": "CVE-2024-24990",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24990",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2024-24990"
    },
    {
      "cve": "CVE-2024-25710",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587",
          "CSAFPID-1673384",
          "CSAFPID-816871",
          "CSAFPID-816798",
          "CSAFPID-816801",
          "CSAFPID-342816",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-816846",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-912046",
          "CSAFPID-1503640",
          "CSAFPID-816845",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25710",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587",
            "CSAFPID-1673384",
            "CSAFPID-816871",
            "CSAFPID-816798",
            "CSAFPID-816801",
            "CSAFPID-342816",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-816846",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-912046",
            "CSAFPID-1503640",
            "CSAFPID-816845",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-25710"
    },
    {
      "cve": "CVE-2024-26130",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587",
          "CSAFPID-342816",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-816798",
          "CSAFPID-816801",
          "CSAFPID-816846",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-816845",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26130",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587",
            "CSAFPID-342816",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-816798",
            "CSAFPID-816801",
            "CSAFPID-816846",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-816845",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587",
          "CSAFPID-1673384",
          "CSAFPID-816871",
          "CSAFPID-816798",
          "CSAFPID-342816",
          "CSAFPID-764275",
          "CSAFPID-764752",
          "CSAFPID-816801",
          "CSAFPID-816846",
          "CSAFPID-912044",
          "CSAFPID-912045",
          "CSAFPID-912046",
          "CSAFPID-912561",
          "CSAFPID-912567",
          "CSAFPID-912600",
          "CSAFPID-912601",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-816845",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587",
            "CSAFPID-1673384",
            "CSAFPID-816871",
            "CSAFPID-816798",
            "CSAFPID-342816",
            "CSAFPID-764275",
            "CSAFPID-764752",
            "CSAFPID-816801",
            "CSAFPID-816846",
            "CSAFPID-912044",
            "CSAFPID-912045",
            "CSAFPID-912046",
            "CSAFPID-912561",
            "CSAFPID-912567",
            "CSAFPID-912600",
            "CSAFPID-912601",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-816845",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-27983",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-27983",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-27983"
    },
    {
      "cve": "CVE-2024-28182",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Detection of Error Condition Without Action",
          "title": "CWE-390"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673442",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28182",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673442",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28849",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28849",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-28887",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Search Path Element",
          "title": "CWE-427"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673385",
          "CSAFPID-1673442",
          "CSAFPID-1673386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28887",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673385",
            "CSAFPID-1673442",
            "CSAFPID-1673386"
          ]
        }
      ],
      "title": "CVE-2024-28887"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673488",
          "CSAFPID-1673489",
          "CSAFPID-1673491",
          "CSAFPID-1673492",
          "CSAFPID-1673493",
          "CSAFPID-1673495",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673488",
            "CSAFPID-1673489",
            "CSAFPID-1673491",
            "CSAFPID-1673492",
            "CSAFPID-1673493",
            "CSAFPID-1673495",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29131",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673497",
          "CSAFPID-1673397",
          "CSAFPID-1673384",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29131",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673497",
            "CSAFPID-1673397",
            "CSAFPID-1673384",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-29131"
    },
    {
      "cve": "CVE-2024-29133",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673497",
          "CSAFPID-1673397",
          "CSAFPID-1673384",
          "CSAFPID-1503575",
          "CSAFPID-1503603",
          "CSAFPID-764250",
          "CSAFPID-1503612",
          "CSAFPID-1503640",
          "CSAFPID-342816",
          "CSAFPID-816845",
          "CSAFPID-816846",
          "CSAFPID-1503299",
          "CSAFPID-1503302",
          "CSAFPID-1503306",
          "CSAFPID-1503661",
          "CSAFPID-1503663",
          "CSAFPID-764813"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29133",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673497",
            "CSAFPID-1673397",
            "CSAFPID-1673384",
            "CSAFPID-1503575",
            "CSAFPID-1503603",
            "CSAFPID-764250",
            "CSAFPID-1503612",
            "CSAFPID-1503640",
            "CSAFPID-342816",
            "CSAFPID-816845",
            "CSAFPID-816846",
            "CSAFPID-1503299",
            "CSAFPID-1503302",
            "CSAFPID-1503306",
            "CSAFPID-1503661",
            "CSAFPID-1503663",
            "CSAFPID-764813"
          ]
        }
      ],
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-31079",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-31079",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2024-31079"
    },
    {
      "cve": "CVE-2024-32760",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-32760",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2024-32760"
    },
    {
      "cve": "CVE-2024-34161",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Memory after Effective Lifetime",
          "title": "CWE-401"
        },
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34161",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2024-34161"
    },
    {
      "cve": "CVE-2024-34750",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673504",
          "CSAFPID-1673506"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34750",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673504",
            "CSAFPID-1673506"
          ]
        }
      ],
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-35200",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-35200",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2024-35200"
    },
    {
      "cve": "CVE-2024-36137",
      "cwe": {
        "id": "CWE-275",
        "name": "-"
      },
      "notes": [
        {
          "category": "other",
          "text": "CWE-275",
          "title": "CWE-275"
        },
        {
          "category": "other",
          "text": "Incorrect Permission Assignment for Critical Resource",
          "title": "CWE-732"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36137",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2024-36137"
    },
    {
      "cve": "CVE-2024-36138",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
          "title": "CWE-77"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36138",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json"
        }
      ],
      "title": "CVE-2024-36138"
    },
    {
      "cve": "CVE-2024-36387",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36387",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-36387"
    },
    {
      "cve": "CVE-2024-37370",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673507",
          "CSAFPID-1673508",
          "CSAFPID-1673509"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37370",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673507",
            "CSAFPID-1673508",
            "CSAFPID-1673509"
          ]
        }
      ],
      "title": "CVE-2024-37370"
    },
    {
      "cve": "CVE-2024-37371",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673507",
          "CSAFPID-1673508",
          "CSAFPID-1673509"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37371",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673507",
            "CSAFPID-1673508",
            "CSAFPID-1673509"
          ]
        }
      ],
      "title": "CVE-2024-37371"
    },
    {
      "cve": "CVE-2024-37372",
      "product_status": {
        "known_affected": [
          "CSAFPID-89587"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37372",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-89587"
          ]
        }
      ],
      "title": "CVE-2024-37372"
    },
    {
      "cve": "CVE-2024-38356",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673510",
          "CSAFPID-1503575",
          "CSAFPID-1673188"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38356",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673510",
            "CSAFPID-1503575",
            "CSAFPID-1673188"
          ]
        }
      ],
      "title": "CVE-2024-38356"
    },
    {
      "cve": "CVE-2024-38357",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673510",
          "CSAFPID-1503575",
          "CSAFPID-1673188"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38357",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673510",
            "CSAFPID-1503575",
            "CSAFPID-1673188"
          ]
        }
      ],
      "title": "CVE-2024-38357"
    },
    {
      "cve": "CVE-2024-38472",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38472",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-38472"
    },
    {
      "cve": "CVE-2024-38473",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Encoding Error",
          "title": "CWE-172"
        },
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38473",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-38473"
    },
    {
      "cve": "CVE-2024-38474",
      "cwe": {
        "id": "CWE-172",
        "name": "Encoding Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Encoding Error",
          "title": "CWE-172"
        },
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38474",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-38474"
    },
    {
      "cve": "CVE-2024-38475",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38475",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-38475"
    },
    {
      "cve": "CVE-2024-38476",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Inclusion of Functionality from Untrusted Control Sphere",
          "title": "CWE-829"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38476",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-38476"
    },
    {
      "cve": "CVE-2024-38477",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38477",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-38477"
    },
    {
      "cve": "CVE-2024-38998",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673511",
          "CSAFPID-1673512",
          "CSAFPID-1503575",
          "CSAFPID-1673188"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673511",
            "CSAFPID-1673512",
            "CSAFPID-1503575",
            "CSAFPID-1673188"
          ]
        }
      ],
      "title": "CVE-2024-38998"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673511",
          "CSAFPID-1673512",
          "CSAFPID-1503575",
          "CSAFPID-1673188"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673511",
            "CSAFPID-1673512",
            "CSAFPID-1503575",
            "CSAFPID-1673188"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-39573",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-39573",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-39573"
    },
    {
      "cve": "CVE-2024-39884",
      "cwe": {
        "id": "CWE-18",
        "name": "-"
      },
      "notes": [
        {
          "category": "other",
          "text": "CWE-18",
          "title": "CWE-18"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-39884",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417"
          ]
        }
      ],
      "title": "CVE-2024-39884"
    },
    {
      "cve": "CVE-2024-40725",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Exposure of Resource to Wrong Sphere",
          "title": "CWE-668"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-1673479"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-40725",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417",
            "CSAFPID-1673479"
          ]
        }
      ],
      "title": "CVE-2024-40725"
    },
    {
      "cve": "CVE-2024-40898",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-345049",
          "CSAFPID-611417",
          "CSAFPID-1673479"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-40898",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-345049",
            "CSAFPID-611417",
            "CSAFPID-1673479"
          ]
        }
      ],
      "title": "CVE-2024-40898"
    },
    {
      "cve": "CVE-2024-45490",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "other",
          "text": "Incorrect Calculation of Buffer Size",
          "title": "CWE-131"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673385",
          "CSAFPID-1673442",
          "CSAFPID-1673386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45490",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673385",
            "CSAFPID-1673442",
            "CSAFPID-1673386"
          ]
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673385",
          "CSAFPID-1673442",
          "CSAFPID-1673386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45491",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673385",
            "CSAFPID-1673442",
            "CSAFPID-1673386"
          ]
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673385",
          "CSAFPID-1673442",
          "CSAFPID-1673386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673385",
            "CSAFPID-1673442",
            "CSAFPID-1673386"
          ]
        }
      ],
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2024-45801",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503575",
          "CSAFPID-1673188"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45801",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1503575",
            "CSAFPID-1673188"
          ]
        }
      ],
      "title": "CVE-2024-45801"
    }
  ]
}

NCSC-2024-0414

Vulnerability from csaf_ncscnl - Published: 2024-10-17 13:17 - Updated: 2024-10-17 13:17

Summary

Kwetsbaarheden verholpen in Oracle Communications

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Manipuleren van gegevens - Uitvoer van willekeurige code (Gebruikersrechten) - Uitvoer van willekeurige code (Administratorrechten) - Toegang tot gevoelige gegevens

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-122: Heap-based Buffer Overflow

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-20: Improper Input Validation

CWE-466: Return of Pointer Value Outside of Expected Range

CWE-606: Unchecked Input for Loop Condition

CWE-390: Detection of Error Condition Without Action

CWE-405: Asymmetric Resource Consumption (Amplification)

CWE-222: Truncation of Security-relevant Information

CWE-364: Signal Handler Race Condition

CWE-450: Multiple Interpretations of UI Input

CWE-130: Improper Handling of Length Parameter Inconsistency

CWE-772: Missing Release of Resource after Effective Lifetime

CWE-669: Incorrect Resource Transfer Between Spheres

CWE-126: Buffer Over-read

CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data

CWE-755: Improper Handling of Exceptional Conditions

CWE-834: Excessive Iteration

CWE-407: Inefficient Algorithmic Complexity

CWE-754: Improper Check for Unusual or Exceptional Conditions

CWE-703: Improper Check or Handling of Exceptional Conditions

CWE-427: Uncontrolled Search Path Element

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CWE-195: Signed to Unsigned Conversion Error

CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-116: Improper Encoding or Escaping of Output

CWE-345: Insufficient Verification of Data Authenticity

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-190: Integer Overflow or Wraparound

CWE-61: UNIX Symbolic Link (Symlink) Following

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-125: Out-of-bounds Read

CWE-404: Improper Resource Shutdown or Release

CWE-284: Improper Access Control

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-416: Use After Free

CWE-401: Missing Release of Memory after Effective Lifetime

CWE-476: NULL Pointer Dereference

CWE-459: Incomplete Cleanup

CWE-94: Improper Control of Generation of Code ('Code Injection')

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-248: Uncaught Exception

CWE-674: Uncontrolled Recursion

CWE-918: Server-Side Request Forgery (SSRF)

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-787: Out-of-bounds Write

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2021-37137

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 155 products

Product	Identifier	Version
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:::::::*`	—
communications_cloud_native_configuration_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:::::::*`	—
communications_cloud_native_configuration_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:8.45:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.15:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:::::::*`	—
communications_services_gatekeeper oracle	`cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:::::::*`	—
communications_session_router oracle	`cpe:2.3:a:oracle:communications_session_router:9.0:::::::*`	—
communications_session_router oracle	`cpe:2.3:a:oracle:communications_session_router:9.1:::::::*`	—
communications_subscriber-aware_load_balancer oracle	`cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:::::::*`	—
communications_subscriber-aware_load_balancer oracle	`cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.1:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:8.2.5:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:8.4.5:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:4.3:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:4.4:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:8.4:::::::*`	—
communications_unified_session_manager oracle	`cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.3:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4.0:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.4.2:::::::*`	—
communications_instant_messaging_server oracle	`cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_unified_session_manager oracle	`cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:::::::*`	—
communications_interactive_session_recorder oracle	`cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:::::::*`	—
communications_eagle_software oracle	`cpe:2.3:a:oracle:communications_eagle_software:46.7.0:::::::*`	—
communications_eagle_software oracle	`cpe:2.3:a:oracle:communications_eagle_software::::::::`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_session_route_manager oracle	`cpe:2.3:a:oracle:communications_session_route_manager::::::::`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:::::::*`	—
communications_evolved_communications_application_server oracle	`cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*`	—
communications_performance_intelligence_center__pic__software oracle	`cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software::::::::`	—
communications_performance_intelligence_center__pic__software oracle	`cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.3:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.4:::::::*`	—
communications_eagle_ftp_table_base_retrieval oracle	`cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:::::::*`	—
communications_eagle_lnp_application_processor oracle	`cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:::::::*`	—
communications_eagle_lnp_application_processor oracle	`cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:::::::*`	—
communications_eagle_application_processor oracle	`cpe:2.3:a:oracle:communications_eagle_application_processor:all_supported_s:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:::::::*`	—
communications_diameter_intelligence_hub oracle	`cpe:2.3:a:oracle:communications_diameter_intelligence_hub::::::::`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:all_supported_s:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:::::::*`	—
communications_metasolv_solution oracle	`cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.3:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.3.5:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio::::::::`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.2:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.5:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:::::::*`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.2.2:::::::*`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:::::::*`	—
communications_contacts_server oracle	`cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.3:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—

CVE-2022-2068

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Affected products

Known affected 125 products

Product	Identifier	Version
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.1:::::::*`	—
communications_cloud_native_configuration_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:::::::*`	—
communications_cloud_native_configuration_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:8.45:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.15:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:::::::*`	—
communications_services_gatekeeper oracle	`cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:::::::*`	—
communications_session_router oracle	`cpe:2.3:a:oracle:communications_session_router:9.0:::::::*`	—
communications_session_router oracle	`cpe:2.3:a:oracle:communications_session_router:9.1:::::::*`	—
communications_subscriber-aware_load_balancer oracle	`cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:::::::*`	—
communications_subscriber-aware_load_balancer oracle	`cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:8.4:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.4.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.6.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.6.1:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.0:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.4.2:::::::*`	—
communications_instant_messaging_server oracle	`cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.6.0:::::::*`	—
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1:::::::*`	—
communications_metasolv_solution oracle	`cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.3:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0.0.0:::::::*`	—
communications_data_model oracle	`cpe:2.3:a:oracle:communications_data_model:12.2.0.1:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.2.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.3:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.0:::::::*`	—
communications_converged_application_server_-_service_controller oracle	`cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0:::::::*`	—
communications_evolved_communications_application_server oracle	`cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*`	—
communications_interactive_session_recorder oracle	`cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2022-2601

8.6 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 31 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2022-23437

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 271 products

Product	Identifier	Version
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.3:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.4.2.8.0:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.4.1.5.0:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.4.0.7.0:::::::*`	—
communications_metasolv_solution oracle	`cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.3:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.1:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.3:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.2:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.2:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.3:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.2.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.3:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.1:::::::*`	—
communications_converged_application_server_-_service_controller oracle	`cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_calendar_server oracle	`cpe:2.3:a:oracle:communications_calendar_server::::::::`	—
communications_contacts_server oracle	`cpe:2.3:a:oracle:communications_contacts_server::::::::`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.2:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:::::::*`	—
communications_instant_messaging_server oracle	`cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:::::::*`	—
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1.0.21.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.3.5:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_cloud_native_configuration_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:::::::*`	—
communications_cloud_native_configuration_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:8.45:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.15:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0.1:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:::::::*`	—
communications_services_gatekeeper oracle	`cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:::::::*`	—
communications_session_router oracle	`cpe:2.3:a:oracle:communications_session_router:9.0:::::::*`	—
communications_session_router oracle	`cpe:2.3:a:oracle:communications_session_router:9.1:::::::*`	—
communications_subscriber-aware_load_balancer oracle	`cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:::::::*`	—
communications_subscriber-aware_load_balancer oracle	`cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.1:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.2:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.4:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.1:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.2:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:22.0.0.0.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.3.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.2:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.3.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.4.1:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.2:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.3:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.3:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.4:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_converged_application_server oracle	`cpe:2.3:a:oracle:communications_converged_application_server:7.1.0:::::::*`	—
communications_converged_application_server oracle	`cpe:2.3:a:oracle:communications_converged_application_server:8.0.0:::::::*`	—
communications_diameter_intelligence_hub oracle	`cpe:2.3:a:oracle:communications_diameter_intelligence_hub:8.2.3.0:::::::*`	—
communications_performance_intelligence_center__pic__software oracle	`cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.4.1:::::::*`	—
communications_calendar_server oracle	`cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:::::::*`	—
communications_contacts_server oracle	`cpe:2.3:a:oracle:communications_contacts_server:8.0.0.7.0:::::::*`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.1.0:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.4.2:::::::*`	—
communications_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_elastic_charging_engine::::::::`	—
communications_instant_messaging_server oracle	`cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.6.0:::::::*`	—
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1.0.20.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.2.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.3:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.0:::::::*`	—
communications_converged_application_server_-_service_controller oracle	`cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0:::::::*`	—
communications_evolved_communications_application_server oracle	`cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*`	—
communications_interactive_session_recorder oracle	`cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:8.4:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.4.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.6.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.6.1:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:::::::*`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.0:::::::*`	—
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0.0.0:::::::*`	—
communications_data_model oracle	`cpe:2.3:a:oracle:communications_data_model:12.2.0.1:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.2:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.1:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:8.2.5:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:8.4.5:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:4.3:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:4.4:::::::*`	—
communications_unified_session_manager oracle	`cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4.0:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:::::::*`	—
communications_instant_messaging_server oracle	`cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_unified_session_manager oracle	`cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:::::::*`	—
communications_eagle_software oracle	`cpe:2.3:a:oracle:communications_eagle_software:46.7.0:::::::*`	—
communications_eagle_software oracle	`cpe:2.3:a:oracle:communications_eagle_software::::::::`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_session_route_manager oracle	`cpe:2.3:a:oracle:communications_session_route_manager::::::::`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:::::::*`	—
communications_performance_intelligence_center__pic__software oracle	`cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software::::::::`	—
communications_performance_intelligence_center__pic__software oracle	`cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.3:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.4:::::::*`	—
communications_eagle_ftp_table_base_retrieval oracle	`cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:::::::*`	—
communications_eagle_lnp_application_processor oracle	`cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:::::::*`	—
communications_eagle_lnp_application_processor oracle	`cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:::::::*`	—
communications_eagle_application_processor oracle	`cpe:2.3:a:oracle:communications_eagle_application_processor:all_supported_s:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:::::::*`	—
communications_diameter_intelligence_hub oracle	`cpe:2.3:a:oracle:communications_diameter_intelligence_hub::::::::`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:all_supported_s:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.3.5:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio::::::::`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.2:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.5:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:::::::*`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.2.2:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:::::::*`	—
communications_contacts_server oracle	`cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:::::::*`	—
communications_lsms oracle	`cpe:2.3:a:oracle:communications_lsms:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2022-36760

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 124 products

Product	Identifier	Version
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.1:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.3:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.2:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.2:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.3:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.2.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.3:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.1:::::::*`	—
communications_converged_application_server_-_service_controller oracle	`cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_calendar_server oracle	`cpe:2.3:a:oracle:communications_calendar_server::::::::`	—
communications_contacts_server oracle	`cpe:2.3:a:oracle:communications_contacts_server::::::::`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.2:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.4.0.7.0:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.4.1.5.0:::::::*`	—
communications_design_studio oracle	`cpe:2.3:a:oracle:communications_design_studio:7.4.2.8.0:::::::*`	—
communications_instant_messaging_server oracle	`cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:::::::*`	—
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1.0.21.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.3.5:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_cloud_native_configuration_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:::::::*`	—
communications_cloud_native_configuration_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:8.45:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.15:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0.1:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:::::::*`	—
communications_services_gatekeeper oracle	`cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:::::::*`	—
communications_session_router oracle	`cpe:2.3:a:oracle:communications_session_router:9.0:::::::*`	—
communications_session_router oracle	`cpe:2.3:a:oracle:communications_session_router:9.1:::::::*`	—
communications_subscriber-aware_load_balancer oracle	`cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:::::::*`	—
communications_subscriber-aware_load_balancer oracle	`cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2023-2953

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Known affected 39 products

Product	Identifier	Version
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2023-3635

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-195 - Signed to Unsigned Conversion Error

Affected products

Known affected 163 products

CVE-2023-4043

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-834 - Excessive Iteration

Affected products

Known affected 176 products

CVE-2023-5685

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 107 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2023-6597

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

CWE-61 - UNIX Symbolic Link (Symlink) Following

Affected products

Known affected 94 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2023-6816

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Known affected 31 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2023-38408

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Known affected 65 products

Product	Identifier	Version
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.0.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.1:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.2.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.3:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.2:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.3:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.3:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0.0.0:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1.0.0:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:::::::*`	—
communications_metasolv_solution oracle	`cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2023-43642

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 75 products

CVE-2023-46136

8.0 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-407 - Inefficient Algorithmic Complexity

Affected products

Known affected 46 products

Product	Identifier	Version
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.1.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2023-48795

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-222 - Truncation of Security-relevant Information

Affected products

Known affected 206 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.4.53:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.1:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.2:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:::::::*`	—
communications_instant_messaging_server oracle	`cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:::::::*`	—
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:::::::*`	—
communications_metasolv_solution oracle	`cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:::::::*`	—
communications_order_and_service_management oracle	`cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:::::::*`	—
communications_eagle_application_processor oracle	`cpe:2.3:a:oracle:communications_eagle_application_processor:17.0.1:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.7.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:22.4.0:::::::*`	—
communications___9.0.2 oracle	`cpe:2.3:a:oracle:communications___9.0.2::::::::`	—
communications___7.2.1.0.0 oracle	`cpe:2.3:a:oracle:communications___7.2.1.0.0::::::::`	—
communications___23.4.2 oracle	`cpe:2.3:a:oracle:communications___23.4.2::::::::`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager:9.0.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_convergence oracle	`cpe:2.3:a:oracle:communications_convergence:3.0.3.3:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.2:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—

CVE-2023-51775

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 157 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.7.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:22.4.0:::::::*`	—
communications___9.0.2 oracle	`cpe:2.3:a:oracle:communications___9.0.2::::::::`	—
communications___7.2.1.0.0 oracle	`cpe:2.3:a:oracle:communications___7.2.1.0.0::::::::`	—
communications___23.4.2 oracle	`cpe:2.3:a:oracle:communications___23.4.2::::::::`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.2:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—

CVE-2023-52428

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 98 products

CVE-2024-0450

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-450 - Multiple Interpretations of UI Input

Affected products

Known affected 105 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2024-2398

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-772 - Missing Release of Resource after Effective Lifetime

Affected products

Known affected 36 products

Product	Identifier	Version
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-4577

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Affected products

Known affected 32 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-4603

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-606 - Unchecked Input for Loop Condition

Affected products

Known affected 92 products

Product	Identifier	Version
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2024-5585

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-116 - Improper Encoding or Escaping of Output

Affected products

Known affected 13 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—

CVE-2024-5971

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-674 - Uncontrolled Recursion

Affected products

Known affected 40 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-6162

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 107 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2024-6387

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Known affected 32 products

Product	Identifier	Version
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-7254

CWE-20 - Improper Input Validation

Affected products

Known affected 36 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-7264

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 14 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—

CVE-2024-22020

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 33 products

Product	Identifier	Version
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0-24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-22201

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 149 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4.3.0.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.7.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:22.4.0:::::::*`	—
communications___9.0.2 oracle	`cpe:2.3:a:oracle:communications___9.0.2::::::::`	—
communications___7.2.1.0.0 oracle	`cpe:2.3:a:oracle:communications___7.2.1.0.0::::::::`	—
communications___23.4.2 oracle	`cpe:2.3:a:oracle:communications___23.4.2::::::::`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.2:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—

CVE-2024-22257

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CWE-284 - Improper Access Control

Affected products

Known affected 156 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.7.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:22.4.0:::::::*`	—
communications___9.0.2 oracle	`cpe:2.3:a:oracle:communications___9.0.2::::::::`	—
communications___7.2.1.0.0 oracle	`cpe:2.3:a:oracle:communications___7.2.1.0.0::::::::`	—
communications___23.4.2 oracle	`cpe:2.3:a:oracle:communications___23.4.2::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.2:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—

CVE-2024-22262

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 106 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2024-23672

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-459 - Incomplete Cleanup

Affected products

Known affected 144 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.6:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.1:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.2:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—

CVE-2024-23807

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 103 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4.0-12.0.0.8.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.8:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:::::::*`	—
communications_ip_service_activator oracle	`cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:::::::*`	—
communications_messaging_server oracle	`cpe:2.3:a:oracle:communications_messaging_server:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2024-24549

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 137 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.6:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.2:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—

CVE-2024-25062

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-416 - Use After Free

Affected products

Known affected 157 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.7.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:22.4.0:::::::*`	—
communications___9.0.2 oracle	`cpe:2.3:a:oracle:communications___9.0.2::::::::`	—
communications___7.2.1.0.0 oracle	`cpe:2.3:a:oracle:communications___7.2.1.0.0::::::::`	—
communications___23.4.2 oracle	`cpe:2.3:a:oracle:communications___23.4.2::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.1:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.2:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—

CVE-2024-25638

8.9 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L

CWE-345 - Insufficient Verification of Data Authenticity

Affected products

Known affected 34 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-26308

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 156 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.3.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.7.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:22.4.0:::::::*`	—
communications___9.0.2 oracle	`cpe:2.3:a:oracle:communications___9.0.2::::::::`	—
communications___7.2.1.0.0 oracle	`cpe:2.3:a:oracle:communications___7.2.1.0.0::::::::`	—
communications___23.4.2 oracle	`cpe:2.3:a:oracle:communications___23.4.2::::::::`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—
communications_network_integrity oracle	`cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management::::::::`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:::::::*`	—
communications_offline_mediation_controller oracle	`cpe:2.3:a:oracle:communications_offline_mediation_controller::::::::`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:::::::*`	—
communications_fraud_monitor oracle	`cpe:2.3:a:oracle:communications_fraud_monitor:5.2:::::::*`	—
communications_webrtc_session_controller oracle	`cpe:2.3:a:oracle:communications_webrtc_session_controller::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—

CVE-2024-28182

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 116 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_performance_intelligence_center oracle	`cpe:2.3:a:oracle:communications_performance_intelligence_center:prior_to_10.4.0.4:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_certificate_management oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2024-28849

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 104 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2024-29025

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 108 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:10.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:46.6.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications___23.4.3 oracle	`cpe:2.3:a:oracle:communications___23.4.3::::::::`	—
communications___23.4.4 oracle	`cpe:2.3:a:oracle:communications___23.4.4::::::::`	—
communications___8.6.0.6 oracle	`cpe:2.3:a:oracle:communications___8.6.0.6::::::::`	—
communications___8.6.0.8 oracle	`cpe:2.3:a:oracle:communications___8.6.0.8::::::::`	—
communications___9.0.3 oracle	`cpe:2.3:a:oracle:communications___9.0.3::::::::`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2024-29133

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 75 products

CVE-2024-29736

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 32 products

Product	Identifier	Version
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-29857

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 93 products

Product	Identifier	Version
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function::::::::`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:::::::*`	—
communications_cloud_native_core_network_data_analytics_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:::::::*`	—
communications_cloud_native_core_network_exposure_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:::::::*`	—
communications_cloud_native_core_network_function_cloud_native_environment oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy::::::::`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:::::::*`	—
communications_diameter_signaling_router oracle	`cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:::::::*`	—
communications_eagle_element_management_system oracle	`cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:::::::*`	—
communications_element_manager oracle	`cpe:2.3:a:oracle:communications_element_manager::::::::`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications_performance_intelligence oracle	`cpe:2.3:a:oracle:communications_performance_intelligence:10.5:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:::::::*`	—
communications_policy_management oracle	`cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_report_manager oracle	`cpe:2.3:a:oracle:communications_session_report_manager::::::::`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:::::::*`	—
communications_asap oracle	`cpe:2.3:a:oracle:communications_asap:7.4:::::::*`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine::::::::`	—
communications_brm_-_elastic_charging_engine oracle	`cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:::::::*`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management::::::::`	—
communications_billing_and_revenue_management oracle	`cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:::::::*`	—
communications_converged_charging_system oracle	`cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller::::::::`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:::::::*`	—
communications_convergent_charging_controller oracle	`cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control::::::::`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:::::::*`	—
communications_network_charging_and_control oracle	`cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:::::::*`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center::::::::`	—
communications_pricing_design_center oracle	`cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:::::::*`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design::::::::`	—
communications_service_catalog_and_design oracle	`cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance::::::::`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:::::::*`	—
communications_unified_inventory_management oracle	`cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:::::::*`	—

CVE-2024-30251

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 32 products

Product	Identifier	Version
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-31080

CWE-126 - Buffer Over-read

Affected products

Known affected 31 products

Product	Identifier	Version
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-31744

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 35 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-32760

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 33 products

Product	Identifier	Version
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.1:::::::*`	—
communications_operations_monitor oracle	`cpe:2.3:a:oracle:communications_operations_monitor:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-33602

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-466 - Return of Pointer Value Outside of Expected Range

Affected products

Known affected 41 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:::::::*`	—
communications_session_border_controller oracle	`cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_core_session_manager oracle	`cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-34750

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-755 - Improper Handling of Exceptional Conditions

Affected products

Known affected 35 products

Product	Identifier	Version
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:14.0:::::::*`	—
communications_user_data_repository oracle	`cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-37371

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-130 - Improper Handling of Length Parameter Inconsistency

Affected products

Known affected 46 products

Product	Identifier	Version
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_service_communication_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:::::::*`	—
communications_network_analytics_data_director oracle	`cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:::::::*`	—
communications_cloud_native_core_console oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-37891

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-669 - Incorrect Resource Transfer Between Spheres

Affected products

Known affected 33 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-38816

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 33 products

Product	Identifier	Version
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:::::::*`	—
communications_cloud_native_core_dbtier oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-39689

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-345 - Insufficient Verification of Data Authenticity

Affected products

Known affected 4 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—

CVE-2024-40898

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 48 products

Product	Identifier	Version
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.4:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.2:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.1.1:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-41817

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-427 - Uncontrolled Search Path Element

Affected products

Known affected 14 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—

CVE-2024-43044

9.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 41 products

Product	Identifier	Version
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.2:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.1.1:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:::::::*`	—
communications_cloud_native_core_network_slice_selection_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:::::::*`	—
communications_cloud_native_core_security_edge_protection_proxy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:::::::*`	—
communications_cloud_native_core_network_repository_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:::::::*`	—
communications_cloud_native_core_automated_test_suite oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

CVE-2024-45492

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 48 products

Product	Identifier	Version
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:::::::*`	—
communications_cloud_native_core_unified_data_repository oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:::::::*`	—
communications_unified_assurance oracle	`cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:::::::*`	—
communications_cloud_native_core_policy oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:::::::*`	—
communications_cloud_native_core_binding_support_function oracle	`cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:8.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.4.1:::::::*`	—
communications_applications oracle	`cpe:2.3:a:oracle:communications_applications:7.5.0:::::::*`	—
communications_applications___6.0.4 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.4::::::::`	—
communications_applications___6.0.5 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.5::::::::`	—
communications_applications___5.5.22 oracle	`cpe:2.3:a:oracle:communications_applications___5.5.22::::::::`	—
communications_applications___12.0.6.0.0 oracle	`cpe:2.3:a:oracle:communications_applications___12.0.6.0.0::::::::`	—
communications_applications___6.0.3 oracle	`cpe:2.3:a:oracle:communications_applications___6.0.3::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.11.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:4.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.2.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0.0.0:::::::*`	—
communications__10.4.0.4 oracle	`cpe:2.3:a:oracle:communications__10.4.0.4::::::::`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.9.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:14.0.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:17.0.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.5:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:12.6.1.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.1.1.3.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:5.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.2:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.2.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:24.1.1:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.3:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:9.0.1.10.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.4:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:15.0.0.0.0:::::::*`	—
communications oracle	`cpe:2.3:a:oracle:communications:23.4.0:::::::*`	—
communications___9.1.1.8.0 oracle	`cpe:2.3:a:oracle:communications___9.1.1.8.0::::::::`	—
communications___24.2.0 oracle	`cpe:2.3:a:oracle:communications___24.2.0::::::::`	—
communications___23.4.5 oracle	`cpe:2.3:a:oracle:communications___23.4.5::::::::`	—
communications___23.4.6 oracle	`cpe:2.3:a:oracle:communications___23.4.6::::::::`	—

References

58 references

URL	Category
https://www.oracle.com/security-alerts/cpuoct2024.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van gegevens\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Return of Pointer Value Outside of Expected Range",
        "title": "CWE-466"
      },
      {
        "category": "general",
        "text": "Unchecked Input for Loop Condition",
        "title": "CWE-606"
      },
      {
        "category": "general",
        "text": "Detection of Error Condition Without Action",
        "title": "CWE-390"
      },
      {
        "category": "general",
        "text": "Asymmetric Resource Consumption (Amplification)",
        "title": "CWE-405"
      },
      {
        "category": "general",
        "text": "Truncation of Security-relevant Information",
        "title": "CWE-222"
      },
      {
        "category": "general",
        "text": "Signal Handler Race Condition",
        "title": "CWE-364"
      },
      {
        "category": "general",
        "text": "Multiple Interpretations of UI Input",
        "title": "CWE-450"
      },
      {
        "category": "general",
        "text": "Improper Handling of Length Parameter Inconsistency",
        "title": "CWE-130"
      },
      {
        "category": "general",
        "text": "Missing Release of Resource after Effective Lifetime",
        "title": "CWE-772"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Buffer Over-read",
        "title": "CWE-126"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
        "title": "CWE-88"
      },
      {
        "category": "general",
        "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
        "title": "CWE-349"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Excessive Iteration",
        "title": "CWE-834"
      },
      {
        "category": "general",
        "text": "Inefficient Algorithmic Complexity",
        "title": "CWE-407"
      },
      {
        "category": "general",
        "text": "Improper Check for Unusual or Exceptional Conditions",
        "title": "CWE-754"
      },
      {
        "category": "general",
        "text": "Improper Check or Handling of Exceptional Conditions",
        "title": "CWE-703"
      },
      {
        "category": "general",
        "text": "Uncontrolled Search Path Element",
        "title": "CWE-427"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Signed to Unsigned Conversion Error",
        "title": "CWE-195"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Improper Encoding or Escaping of Output",
        "title": "CWE-116"
      },
      {
        "category": "general",
        "text": "Insufficient Verification of Data Authenticity",
        "title": "CWE-345"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
        "title": "CWE-77"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "UNIX Symbolic Link (Symlink) Following",
        "title": "CWE-61"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Missing Release of Memory after Effective Lifetime",
        "title": "CWE-401"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Incomplete Cleanup",
        "title": "CWE-459"
      },
      {
        "category": "general",
        "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
        "title": "CWE-94"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Uncaught Exception",
        "title": "CWE-248"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
        "title": "CWE-78"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
        "url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Communications",
    "tracking": {
      "current_release_date": "2024-10-17T13:17:52.103171Z",
      "id": "NCSC-2024-0414",
      "initial_release_date": "2024-10-17T13:17:52.103171Z",
      "revision_history": [
        {
          "date": "2024-10-17T13:17:52.103171Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635313",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635305",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635312",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635323",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670430",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635320",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670439",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635322",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670429",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670435",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670431",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670436",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670432",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635321",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635310",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635318",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674640",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674642",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670434",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635316",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674639",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635314",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674637",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635306",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635317",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635319",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670438",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635324",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635315",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670433",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674641",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670437",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635308",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications__10.4.0.4",
            "product": {
              "name": "communications__10.4.0.4",
              "product_id": "CSAFPID-1674629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.2",
            "product": {
              "name": "communications___23.4.2",
              "product_id": "CSAFPID-1670442",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.3",
            "product": {
              "name": "communications___23.4.3",
              "product_id": "CSAFPID-1635325",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.4",
            "product": {
              "name": "communications___23.4.4",
              "product_id": "CSAFPID-1635326",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.5",
            "product": {
              "name": "communications___23.4.5",
              "product_id": "CSAFPID-1674645",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.6",
            "product": {
              "name": "communications___23.4.6",
              "product_id": "CSAFPID-1674646",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___24.2.0",
            "product": {
              "name": "communications___24.2.0",
              "product_id": "CSAFPID-1674644",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___7.2.1.0.0",
            "product": {
              "name": "communications___7.2.1.0.0",
              "product_id": "CSAFPID-1670441",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___8.6.0.6",
            "product": {
              "name": "communications___8.6.0.6",
              "product_id": "CSAFPID-1635327",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___8.6.0.8",
            "product": {
              "name": "communications___8.6.0.8",
              "product_id": "CSAFPID-1635328",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___9.0.2",
            "product": {
              "name": "communications___9.0.2",
              "product_id": "CSAFPID-1670440",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___9.0.3",
            "product": {
              "name": "communications___9.0.3",
              "product_id": "CSAFPID-1635329",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___9.1.1.8.0",
            "product": {
              "name": "communications___9.1.1.8.0",
              "product_id": "CSAFPID-1674643",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674621",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674618",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674619",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674622",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674617",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674623",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674620",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___12.0.6.0.0",
            "product": {
              "name": "communications_applications___12.0.6.0.0",
              "product_id": "CSAFPID-1674627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___5.5.22",
            "product": {
              "name": "communications_applications___5.5.22",
              "product_id": "CSAFPID-1674626",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___6.0.3",
            "product": {
              "name": "communications_applications___6.0.3",
              "product_id": "CSAFPID-1674628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___6.0.4",
            "product": {
              "name": "communications_applications___6.0.4",
              "product_id": "CSAFPID-1674624",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___6.0.5",
            "product": {
              "name": "communications_applications___6.0.5",
              "product_id": "CSAFPID-1674625",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_asap",
            "product": {
              "name": "communications_asap",
              "product_id": "CSAFPID-204629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_asap",
            "product": {
              "name": "communications_asap",
              "product_id": "CSAFPID-1673475",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_asap:7.4.3.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_asap",
            "product": {
              "name": "communications_asap",
              "product_id": "CSAFPID-816792",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-764735",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-1650734",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-204639",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-204627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-816793",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-912557",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management__-_elastic_charging_engine",
            "product": {
              "name": "communications_billing_and_revenue_management__-_elastic_charging_engine",
              "product_id": "CSAFPID-219835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management__-_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-764247",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-209548",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-209549",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-41194",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-1650820",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-765241",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-209546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-209550",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-498607",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12:0.0.5.0:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-912556",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_calendar_server",
            "product": {
              "name": "communications_calendar_server",
              "product_id": "CSAFPID-764736",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_calendar_server:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_calendar_server",
            "product": {
              "name": "communications_calendar_server",
              "product_id": "CSAFPID-220190",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_configuration_console",
            "product": {
              "name": "communications_cloud_native_configuration_console",
              "product_id": "CSAFPID-391501",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_configuration_console",
            "product": {
              "name": "communications_cloud_native_configuration_console",
              "product_id": "CSAFPID-440102",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-89545",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-180215",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-180197",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-220548",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-41516",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-41515",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-220057",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-220055",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-220909",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-816765",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-816766",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-816767",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1503577",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1673416",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1673516",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1673412",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1673411",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-764237",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-2045",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-40612",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-608629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-93784",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1899",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-41111",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1685",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-493445",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-294401",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-220547",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-764824",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-220459",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-45184",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-45182",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-45181",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-611405",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-611403",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-611404",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1650752",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1673396",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-912066",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1503323",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1673526",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1673391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1673394",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-165550",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-93546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-180195",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-40299",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-187447",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-45186",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-45185",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-220559",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-220558",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-764238",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-764239",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-816768",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-816769",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-912085",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1503578",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1673389",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1673390",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_dbtier",
            "product": {
              "name": "communications_cloud_native_core_dbtier",
              "product_id": "CSAFPID-1673421",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_dbtier",
            "product": {
              "name": "communications_cloud_native_core_dbtier",
              "product_id": "CSAFPID-1673420",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-764825",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:22.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-816770",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-816771",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-912068",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-1503579",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-180201",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-1900",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-760687",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-40947",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-93635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-503534",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-90018",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-220327",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-94290",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-220325",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-614513",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-643776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-816772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-912076",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-1503580",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-40613",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-2044",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-40301",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-180194",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-449747",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-40298",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-223527",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-449746",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-503493",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-260394",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-219838",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-611387",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-618156",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-816773",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912101",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-1673473",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0-24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-1503581",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912539",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912540",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912541",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912542",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912543",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-40611",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-40609",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-180198",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-41112",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-41110",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-760688",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-493444",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-93633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-220056",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-223511",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-216017",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-220889",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-614516",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-816774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-220918",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-614515",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-614514",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-816346",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-912077",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1503322",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1673413",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1673415",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-816775",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-912544",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-40608",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-180199",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-41113",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-260395",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-260393",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816348",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-912545",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816347",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-1673494",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-1673501",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816777",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-764240",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-220468",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-2310",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-93547",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-180200",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-180193",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1898",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-93636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-90020",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-90015",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-220133",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1650751",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1673517",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1673395",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-912069",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-765371",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:all_supported_s:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-180216",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-180202",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-40300",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-93653",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-40949",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-642000",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-93634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-220561",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-90021",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-94292",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-218028",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-220881",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-94291",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-220910",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-220324",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-611401",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-816778",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-614517",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-912547",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1673392",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1503582",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1673393",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-912546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-40610",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-611587",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-642002",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-493443",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-642001",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-224796",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-224795",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-912548",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-912102",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-912549",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1503583",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1503584",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1503585",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1672767",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-180217",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-180196",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-165576",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-40297",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-764899",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-589926",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-179780",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-40948",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-589925",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-179779",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-764826",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-90019",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-90016",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-220326",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-764241",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-912078",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-816349",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-912550",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1503586",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1503587",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1673399",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-816779",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_contacts_server",
            "product": {
              "name": "communications_contacts_server",
              "product_id": "CSAFPID-764737",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_contacts_server:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_contacts_server",
            "product": {
              "name": "communications_contacts_server",
              "product_id": "CSAFPID-224787",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_contacts_server",
            "product": {
              "name": "communications_contacts_server",
              "product_id": "CSAFPID-220189",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server",
            "product": {
              "name": "communications_converged_application_server",
              "product_id": "CSAFPID-764827",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server:7.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server",
            "product": {
              "name": "communications_converged_application_server",
              "product_id": "CSAFPID-764828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server_-_service_controller",
            "product": {
              "name": "communications_converged_application_server_-_service_controller",
              "product_id": "CSAFPID-764734",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server_-_service_controller",
            "product": {
              "name": "communications_converged_application_server_-_service_controller",
              "product_id": "CSAFPID-426842",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_charging_system",
            "product": {
              "name": "communications_converged_charging_system",
              "product_id": "CSAFPID-1503599",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_charging_system",
            "product": {
              "name": "communications_converged_charging_system",
              "product_id": "CSAFPID-1503600",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-345031",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-204635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-764833",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-224793",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-816794",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-342793",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-1650777",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-1265",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-764248",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-816350",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-1261",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-110244",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-110242",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-93777",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.45:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-1672764",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-93772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_data_model",
            "product": {
              "name": "communications_data_model",
              "product_id": "CSAFPID-764902",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_data_model:12.2.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-765372",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-342799",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-704412",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-704411",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-165544",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-704410",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-41183",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_intelligence_hub",
            "product": {
              "name": "communications_diameter_intelligence_hub",
              "product_id": "CSAFPID-342802",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_intelligence_hub",
            "product": {
              "name": "communications_diameter_intelligence_hub",
              "product_id": "CSAFPID-764829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:8.2.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1503588",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1892",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1891",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1888",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1887",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1889",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1884",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1885",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1882",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1881",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1883",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1879",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1880",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-40293",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1650826",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1650830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-611413",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-912551",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-912552",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_application_processor",
            "product": {
              "name": "communications_eagle_application_processor",
              "product_id": "CSAFPID-1673417",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_application_processor:17.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_application_processor",
            "product": {
              "name": "communications_eagle_application_processor",
              "product_id": "CSAFPID-765369",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_application_processor:all_supported_s:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_element_management_system",
            "product": {
              "name": "communications_eagle_element_management_system",
              "product_id": "CSAFPID-1503316",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_element_management_system",
            "product": {
              "name": "communications_eagle_element_management_system",
              "product_id": "CSAFPID-1503317",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_element_management_system",
            "product": {
              "name": "communications_eagle_element_management_system",
              "product_id": "CSAFPID-204528",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_ftp_table_base_retrieval",
            "product": {
              "name": "communications_eagle_ftp_table_base_retrieval",
              "product_id": "CSAFPID-204623",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_lnp_application_processor",
            "product": {
              "name": "communications_eagle_lnp_application_processor",
              "product_id": "CSAFPID-352633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_lnp_application_processor",
            "product": {
              "name": "communications_eagle_lnp_application_processor",
              "product_id": "CSAFPID-352632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_software",
            "product": {
              "name": "communications_eagle_software",
              "product_id": "CSAFPID-765366",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_software:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_software",
            "product": {
              "name": "communications_eagle_software",
              "product_id": "CSAFPID-765365",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_software:46.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_elastic_charging_engine",
            "product": {
              "name": "communications_elastic_charging_engine",
              "product_id": "CSAFPID-764834",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_elastic_charging_engine:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-764242",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204597",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204580",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-9226",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-9070",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-8845",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204624",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-2286",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204464",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-345038",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-93629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-611422",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-93630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-816780",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_evolved_communications_application_server",
            "product": {
              "name": "communications_evolved_communications_application_server",
              "product_id": "CSAFPID-204645",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_fraud_monitor",
            "product": {
              "name": "communications_fraud_monitor",
              "product_id": "CSAFPID-816781",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_fraud_monitor",
            "product": {
              "name": "communications_fraud_monitor",
              "product_id": "CSAFPID-816782",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_fraud_monitor",
            "product": {
              "name": "communications_fraud_monitor",
              "product_id": "CSAFPID-912553",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_instant_messaging_server",
            "product": {
              "name": "communications_instant_messaging_server",
              "product_id": "CSAFPID-207586",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_instant_messaging_server",
            "product": {
              "name": "communications_instant_messaging_server",
              "product_id": "CSAFPID-234306",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_instant_messaging_server",
            "product": {
              "name": "communications_instant_messaging_server",
              "product_id": "CSAFPID-219803",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_instant_messaging_server",
            "product": {
              "name": "communications_instant_messaging_server",
              "product_id": "CSAFPID-387664",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_interactive_session_recorder",
            "product": {
              "name": "communications_interactive_session_recorder",
              "product_id": "CSAFPID-1893",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_ip_service_activator",
            "product": {
              "name": "communications_ip_service_activator",
              "product_id": "CSAFPID-204622",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_ip_service_activator",
            "product": {
              "name": "communications_ip_service_activator",
              "product_id": "CSAFPID-219909",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_lsms",
            "product": {
              "name": "communications_lsms",
              "product_id": "CSAFPID-1673065",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_lsms:14.0.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-764835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.20.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-375182",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.21.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-816351",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-41182",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_metasolv_solution",
            "product": {
              "name": "communications_metasolv_solution",
              "product_id": "CSAFPID-611595",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_metasolv_solution",
            "product": {
              "name": "communications_metasolv_solution",
              "product_id": "CSAFPID-226017",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-220167",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816353",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-764243",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816352",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-1503589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-1503590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-1673414",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816783",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816786",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816784",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816787",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816785",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816788",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-342803",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-1650778",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-1266",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-764249",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-816354",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-204563",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_integrity",
            "product": {
              "name": "communications_network_integrity",
              "product_id": "CSAFPID-220125",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_integrity",
            "product": {
              "name": "communications_network_integrity",
              "product_id": "CSAFPID-245244",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_integrity",
            "product": {
              "name": "communications_network_integrity",
              "product_id": "CSAFPID-219776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_integrity",
            "product": {
              "name": "communications_network_integrity",
              "product_id": "CSAFPID-204554",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_offline_mediation_controller",
            "product": {
              "name": "communications_offline_mediation_controller",
              "product_id": "CSAFPID-765242",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-9489",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-110249",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-93781",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-220132",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-912079",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-224791",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-219898",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-224790",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-221118",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-179774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-1673496",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence",
            "product": {
              "name": "communications_performance_intelligence",
              "product_id": "CSAFPID-1503591",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence_center",
            "product": {
              "name": "communications_performance_intelligence_center",
              "product_id": "CSAFPID-1673485",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center:prior_to_10.4.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence_center__pic__software",
            "product": {
              "name": "communications_performance_intelligence_center__pic__software",
              "product_id": "CSAFPID-765367",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence_center__pic__software",
            "product": {
              "name": "communications_performance_intelligence_center__pic__software",
              "product_id": "CSAFPID-765368",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence_center__pic__software",
            "product": {
              "name": "communications_performance_intelligence_center__pic__software",
              "product_id": "CSAFPID-764830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-573035",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-45192",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-611406",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-816789",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-816790",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-764738",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-204595",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-204590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-816355",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-1503601",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816359",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816358",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816357",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-912558",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-1503602",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816795",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816796",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816797",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_services_gatekeeper",
            "product": {
              "name": "communications_services_gatekeeper",
              "product_id": "CSAFPID-608630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503592",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503593",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-40294",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-40292",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1672762",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-40291",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503594",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503595",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-342804",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-704413",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2296",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-166028",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2294",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2292",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2290",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2288",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2282",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2285",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2279",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-204634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-345039",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-93628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-611423",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-93631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-816791",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-342805",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-704414",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-166027",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2295",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2293",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2289",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2291",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2287",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2283",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2284",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2280",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2281",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-220414",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-204607",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_router",
            "product": {
              "name": "communications_session_router",
              "product_id": "CSAFPID-764780",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_router:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_router",
            "product": {
              "name": "communications_session_router",
              "product_id": "CSAFPID-764781",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_router:9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_subscriber-aware_load_balancer",
            "product": {
              "name": "communications_subscriber-aware_load_balancer",
              "product_id": "CSAFPID-93775",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_subscriber-aware_load_balancer",
            "product": {
              "name": "communications_subscriber-aware_load_balancer",
              "product_id": "CSAFPID-93774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-240600",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673382",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-78764",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-78763",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.10:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673070",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.22:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673381",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1650731",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673530",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-764901",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-78762",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-78761",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-614089",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673068",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-764739",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-204614",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-8984",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-204510",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-204569",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-219826",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-912073",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_session_manager",
            "product": {
              "name": "communications_unified_session_manager",
              "product_id": "CSAFPID-110243",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_session_manager",
            "product": {
              "name": "communications_unified_session_manager",
              "product_id": "CSAFPID-205759",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1503596",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1503597",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1503598",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-764900",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-76994",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-568240",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-764782",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-355340",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-912080",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1673481",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-912554",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-611408",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-703515",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-611407",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-204456",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-37137",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-41182",
          "CSAFPID-209546",
          "CSAFPID-40608",
          "CSAFPID-180216",
          "CSAFPID-93547",
          "CSAFPID-180217",
          "CSAFPID-2310",
          "CSAFPID-40612",
          "CSAFPID-391501",
          "CSAFPID-440102",
          "CSAFPID-41516",
          "CSAFPID-41515",
          "CSAFPID-764237",
          "CSAFPID-45182",
          "CSAFPID-45181",
          "CSAFPID-45186",
          "CSAFPID-45185",
          "CSAFPID-90018",
          "CSAFPID-94290",
          "CSAFPID-260394",
          "CSAFPID-216017",
          "CSAFPID-764240",
          "CSAFPID-90021",
          "CSAFPID-94292",
          "CSAFPID-218028",
          "CSAFPID-94291",
          "CSAFPID-493443",
          "CSAFPID-224796",
          "CSAFPID-90019",
          "CSAFPID-90016",
          "CSAFPID-93777",
          "CSAFPID-93772",
          "CSAFPID-40293",
          "CSAFPID-345038",
          "CSAFPID-93629",
          "CSAFPID-93781",
          "CSAFPID-45192",
          "CSAFPID-608630",
          "CSAFPID-40292",
          "CSAFPID-40291",
          "CSAFPID-345039",
          "CSAFPID-93628",
          "CSAFPID-764780",
          "CSAFPID-764781",
          "CSAFPID-93775",
          "CSAFPID-93774",
          "CSAFPID-764782",
          "CSAFPID-342793",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-342803",
          "CSAFPID-204563",
          "CSAFPID-221118",
          "CSAFPID-240600",
          "CSAFPID-8984",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-1899",
          "CSAFPID-41111",
          "CSAFPID-40299",
          "CSAFPID-187447",
          "CSAFPID-1900",
          "CSAFPID-40301",
          "CSAFPID-180194",
          "CSAFPID-40298",
          "CSAFPID-41112",
          "CSAFPID-41110",
          "CSAFPID-41113",
          "CSAFPID-180193",
          "CSAFPID-1898",
          "CSAFPID-40300",
          "CSAFPID-611587",
          "CSAFPID-40297",
          "CSAFPID-110244",
          "CSAFPID-110242",
          "CSAFPID-9489",
          "CSAFPID-110249",
          "CSAFPID-40294",
          "CSAFPID-110243",
          "CSAFPID-204629",
          "CSAFPID-765241",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-41183",
          "CSAFPID-207586",
          "CSAFPID-765242",
          "CSAFPID-205759",
          "CSAFPID-1893",
          "CSAFPID-765365",
          "CSAFPID-765366",
          "CSAFPID-342804",
          "CSAFPID-342805",
          "CSAFPID-204456",
          "CSAFPID-1882",
          "CSAFPID-573035",
          "CSAFPID-204645",
          "CSAFPID-765367",
          "CSAFPID-765368",
          "CSAFPID-764242",
          "CSAFPID-76994",
          "CSAFPID-204623",
          "CSAFPID-352633",
          "CSAFPID-352632",
          "CSAFPID-765369",
          "CSAFPID-204528",
          "CSAFPID-342802",
          "CSAFPID-40610",
          "CSAFPID-40611",
          "CSAFPID-40609",
          "CSAFPID-180198",
          "CSAFPID-180196",
          "CSAFPID-180201",
          "CSAFPID-180202",
          "CSAFPID-40613",
          "CSAFPID-180199",
          "CSAFPID-93546",
          "CSAFPID-180195",
          "CSAFPID-180200",
          "CSAFPID-765371",
          "CSAFPID-89545",
          "CSAFPID-180215",
          "CSAFPID-180197",
          "CSAFPID-204639",
          "CSAFPID-204627",
          "CSAFPID-226017",
          "CSAFPID-219898",
          "CSAFPID-179774",
          "CSAFPID-342799",
          "CSAFPID-765372",
          "CSAFPID-220125",
          "CSAFPID-245244",
          "CSAFPID-204554",
          "CSAFPID-764739",
          "CSAFPID-204614",
          "CSAFPID-345031",
          "CSAFPID-204635",
          "CSAFPID-204595",
          "CSAFPID-204590",
          "CSAFPID-224787",
          "CSAFPID-1673381",
          "CSAFPID-1673382",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-37137",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37137.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-41182",
            "CSAFPID-209546",
            "CSAFPID-40608",
            "CSAFPID-180216",
            "CSAFPID-93547",
            "CSAFPID-180217",
            "CSAFPID-2310",
            "CSAFPID-40612",
            "CSAFPID-391501",
            "CSAFPID-440102",
            "CSAFPID-41516",
            "CSAFPID-41515",
            "CSAFPID-764237",
            "CSAFPID-45182",
            "CSAFPID-45181",
            "CSAFPID-45186",
            "CSAFPID-45185",
            "CSAFPID-90018",
            "CSAFPID-94290",
            "CSAFPID-260394",
            "CSAFPID-216017",
            "CSAFPID-764240",
            "CSAFPID-90021",
            "CSAFPID-94292",
            "CSAFPID-218028",
            "CSAFPID-94291",
            "CSAFPID-493443",
            "CSAFPID-224796",
            "CSAFPID-90019",
            "CSAFPID-90016",
            "CSAFPID-93777",
            "CSAFPID-93772",
            "CSAFPID-40293",
            "CSAFPID-345038",
            "CSAFPID-93629",
            "CSAFPID-93781",
            "CSAFPID-45192",
            "CSAFPID-608630",
            "CSAFPID-40292",
            "CSAFPID-40291",
            "CSAFPID-345039",
            "CSAFPID-93628",
            "CSAFPID-764780",
            "CSAFPID-764781",
            "CSAFPID-93775",
            "CSAFPID-93774",
            "CSAFPID-764782",
            "CSAFPID-342793",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-342803",
            "CSAFPID-204563",
            "CSAFPID-221118",
            "CSAFPID-240600",
            "CSAFPID-8984",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-1899",
            "CSAFPID-41111",
            "CSAFPID-40299",
            "CSAFPID-187447",
            "CSAFPID-1900",
            "CSAFPID-40301",
            "CSAFPID-180194",
            "CSAFPID-40298",
            "CSAFPID-41112",
            "CSAFPID-41110",
            "CSAFPID-41113",
            "CSAFPID-180193",
            "CSAFPID-1898",
            "CSAFPID-40300",
            "CSAFPID-611587",
            "CSAFPID-40297",
            "CSAFPID-110244",
            "CSAFPID-110242",
            "CSAFPID-9489",
            "CSAFPID-110249",
            "CSAFPID-40294",
            "CSAFPID-110243",
            "CSAFPID-204629",
            "CSAFPID-765241",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-41183",
            "CSAFPID-207586",
            "CSAFPID-765242",
            "CSAFPID-205759",
            "CSAFPID-1893",
            "CSAFPID-765365",
            "CSAFPID-765366",
            "CSAFPID-342804",
            "CSAFPID-342805",
            "CSAFPID-204456",
            "CSAFPID-1882",
            "CSAFPID-573035",
            "CSAFPID-204645",
            "CSAFPID-765367",
            "CSAFPID-765368",
            "CSAFPID-764242",
            "CSAFPID-76994",
            "CSAFPID-204623",
            "CSAFPID-352633",
            "CSAFPID-352632",
            "CSAFPID-765369",
            "CSAFPID-204528",
            "CSAFPID-342802",
            "CSAFPID-40610",
            "CSAFPID-40611",
            "CSAFPID-40609",
            "CSAFPID-180198",
            "CSAFPID-180196",
            "CSAFPID-180201",
            "CSAFPID-180202",
            "CSAFPID-40613",
            "CSAFPID-180199",
            "CSAFPID-93546",
            "CSAFPID-180195",
            "CSAFPID-180200",
            "CSAFPID-765371",
            "CSAFPID-89545",
            "CSAFPID-180215",
            "CSAFPID-180197",
            "CSAFPID-204639",
            "CSAFPID-204627",
            "CSAFPID-226017",
            "CSAFPID-219898",
            "CSAFPID-179774",
            "CSAFPID-342799",
            "CSAFPID-765372",
            "CSAFPID-220125",
            "CSAFPID-245244",
            "CSAFPID-204554",
            "CSAFPID-764739",
            "CSAFPID-204614",
            "CSAFPID-345031",
            "CSAFPID-204635",
            "CSAFPID-204595",
            "CSAFPID-204590",
            "CSAFPID-224787",
            "CSAFPID-1673381",
            "CSAFPID-1673382",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628"
          ]
        }
      ],
      "title": "CVE-2021-37137"
    },
    {
      "cve": "CVE-2022-2068",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
          "title": "CWE-77"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40949",
          "CSAFPID-391501",
          "CSAFPID-440102",
          "CSAFPID-41516",
          "CSAFPID-41515",
          "CSAFPID-764237",
          "CSAFPID-45182",
          "CSAFPID-45181",
          "CSAFPID-45186",
          "CSAFPID-45185",
          "CSAFPID-90018",
          "CSAFPID-94290",
          "CSAFPID-260394",
          "CSAFPID-216017",
          "CSAFPID-764240",
          "CSAFPID-90021",
          "CSAFPID-94292",
          "CSAFPID-218028",
          "CSAFPID-94291",
          "CSAFPID-493443",
          "CSAFPID-224796",
          "CSAFPID-90019",
          "CSAFPID-90016",
          "CSAFPID-93777",
          "CSAFPID-93772",
          "CSAFPID-40293",
          "CSAFPID-345038",
          "CSAFPID-93629",
          "CSAFPID-93781",
          "CSAFPID-45192",
          "CSAFPID-608630",
          "CSAFPID-40292",
          "CSAFPID-40291",
          "CSAFPID-345039",
          "CSAFPID-93628",
          "CSAFPID-764780",
          "CSAFPID-764781",
          "CSAFPID-93775",
          "CSAFPID-93774",
          "CSAFPID-764782",
          "CSAFPID-342793",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-342803",
          "CSAFPID-204563",
          "CSAFPID-221118",
          "CSAFPID-240600",
          "CSAFPID-8984",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-40294",
          "CSAFPID-93631",
          "CSAFPID-764900",
          "CSAFPID-568240",
          "CSAFPID-355340",
          "CSAFPID-703515",
          "CSAFPID-204456",
          "CSAFPID-764735",
          "CSAFPID-204635",
          "CSAFPID-41183",
          "CSAFPID-234306",
          "CSAFPID-41182",
          "CSAFPID-226017",
          "CSAFPID-219898",
          "CSAFPID-179774",
          "CSAFPID-764738",
          "CSAFPID-764901",
          "CSAFPID-764902",
          "CSAFPID-220547",
          "CSAFPID-187447",
          "CSAFPID-760687",
          "CSAFPID-40947",
          "CSAFPID-2044",
          "CSAFPID-449747",
          "CSAFPID-40301",
          "CSAFPID-449746",
          "CSAFPID-40298",
          "CSAFPID-223527",
          "CSAFPID-760688",
          "CSAFPID-93636",
          "CSAFPID-40300",
          "CSAFPID-93653",
          "CSAFPID-642000",
          "CSAFPID-642002",
          "CSAFPID-642001",
          "CSAFPID-165576",
          "CSAFPID-764899",
          "CSAFPID-40948",
          "CSAFPID-426842",
          "CSAFPID-93630",
          "CSAFPID-204645",
          "CSAFPID-1893",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-2068",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2068.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40949",
            "CSAFPID-391501",
            "CSAFPID-440102",
            "CSAFPID-41516",
            "CSAFPID-41515",
            "CSAFPID-764237",
            "CSAFPID-45182",
            "CSAFPID-45181",
            "CSAFPID-45186",
            "CSAFPID-45185",
            "CSAFPID-90018",
            "CSAFPID-94290",
            "CSAFPID-260394",
            "CSAFPID-216017",
            "CSAFPID-764240",
            "CSAFPID-90021",
            "CSAFPID-94292",
            "CSAFPID-218028",
            "CSAFPID-94291",
            "CSAFPID-493443",
            "CSAFPID-224796",
            "CSAFPID-90019",
            "CSAFPID-90016",
            "CSAFPID-93777",
            "CSAFPID-93772",
            "CSAFPID-40293",
            "CSAFPID-345038",
            "CSAFPID-93629",
            "CSAFPID-93781",
            "CSAFPID-45192",
            "CSAFPID-608630",
            "CSAFPID-40292",
            "CSAFPID-40291",
            "CSAFPID-345039",
            "CSAFPID-93628",
            "CSAFPID-764780",
            "CSAFPID-764781",
            "CSAFPID-93775",
            "CSAFPID-93774",
            "CSAFPID-764782",
            "CSAFPID-342793",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-342803",
            "CSAFPID-204563",
            "CSAFPID-221118",
            "CSAFPID-240600",
            "CSAFPID-8984",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-40294",
            "CSAFPID-93631",
            "CSAFPID-764900",
            "CSAFPID-568240",
            "CSAFPID-355340",
            "CSAFPID-703515",
            "CSAFPID-204456",
            "CSAFPID-764735",
            "CSAFPID-204635",
            "CSAFPID-41183",
            "CSAFPID-234306",
            "CSAFPID-41182",
            "CSAFPID-226017",
            "CSAFPID-219898",
            "CSAFPID-179774",
            "CSAFPID-764738",
            "CSAFPID-764901",
            "CSAFPID-764902",
            "CSAFPID-220547",
            "CSAFPID-187447",
            "CSAFPID-760687",
            "CSAFPID-40947",
            "CSAFPID-2044",
            "CSAFPID-449747",
            "CSAFPID-40301",
            "CSAFPID-449746",
            "CSAFPID-40298",
            "CSAFPID-223527",
            "CSAFPID-760688",
            "CSAFPID-93636",
            "CSAFPID-40300",
            "CSAFPID-93653",
            "CSAFPID-642000",
            "CSAFPID-642002",
            "CSAFPID-642001",
            "CSAFPID-165576",
            "CSAFPID-764899",
            "CSAFPID-40948",
            "CSAFPID-426842",
            "CSAFPID-93630",
            "CSAFPID-204645",
            "CSAFPID-1893",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2601",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-2601",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2601.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2022-2601"
    },
    {
      "cve": "CVE-2022-23437",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-204629",
          "CSAFPID-704410",
          "CSAFPID-704411",
          "CSAFPID-704412",
          "CSAFPID-226017",
          "CSAFPID-179774",
          "CSAFPID-219898",
          "CSAFPID-219826",
          "CSAFPID-204569",
          "CSAFPID-204510",
          "CSAFPID-220057",
          "CSAFPID-220055",
          "CSAFPID-220909",
          "CSAFPID-45184",
          "CSAFPID-45182",
          "CSAFPID-220559",
          "CSAFPID-220558",
          "CSAFPID-220327",
          "CSAFPID-220325",
          "CSAFPID-219838",
          "CSAFPID-220056",
          "CSAFPID-223511",
          "CSAFPID-216017",
          "CSAFPID-220889",
          "CSAFPID-220918",
          "CSAFPID-90020",
          "CSAFPID-90015",
          "CSAFPID-220133",
          "CSAFPID-220561",
          "CSAFPID-90021",
          "CSAFPID-220881",
          "CSAFPID-94291",
          "CSAFPID-220910",
          "CSAFPID-220324",
          "CSAFPID-224796",
          "CSAFPID-224795",
          "CSAFPID-220326",
          "CSAFPID-764734",
          "CSAFPID-40293",
          "CSAFPID-220167",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764736",
          "CSAFPID-764737",
          "CSAFPID-224793",
          "CSAFPID-342793",
          "CSAFPID-1265",
          "CSAFPID-219803",
          "CSAFPID-375182",
          "CSAFPID-342803",
          "CSAFPID-1266",
          "CSAFPID-219776",
          "CSAFPID-224791",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-764738",
          "CSAFPID-240600",
          "CSAFPID-764739",
          "CSAFPID-391501",
          "CSAFPID-440102",
          "CSAFPID-41516",
          "CSAFPID-41515",
          "CSAFPID-764237",
          "CSAFPID-45181",
          "CSAFPID-45186",
          "CSAFPID-45185",
          "CSAFPID-90018",
          "CSAFPID-94290",
          "CSAFPID-260394",
          "CSAFPID-764240",
          "CSAFPID-94292",
          "CSAFPID-218028",
          "CSAFPID-493443",
          "CSAFPID-90019",
          "CSAFPID-90016",
          "CSAFPID-93777",
          "CSAFPID-93772",
          "CSAFPID-345038",
          "CSAFPID-93629",
          "CSAFPID-45192",
          "CSAFPID-608630",
          "CSAFPID-40292",
          "CSAFPID-40291",
          "CSAFPID-345039",
          "CSAFPID-93628",
          "CSAFPID-764780",
          "CSAFPID-764781",
          "CSAFPID-93775",
          "CSAFPID-93774",
          "CSAFPID-764782",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-204563",
          "CSAFPID-8984",
          "CSAFPID-220548",
          "CSAFPID-608629",
          "CSAFPID-93784",
          "CSAFPID-41111",
          "CSAFPID-1685",
          "CSAFPID-493445",
          "CSAFPID-294401",
          "CSAFPID-220547",
          "CSAFPID-764824",
          "CSAFPID-220459",
          "CSAFPID-764825",
          "CSAFPID-93635",
          "CSAFPID-503534",
          "CSAFPID-503493",
          "CSAFPID-493444",
          "CSAFPID-93633",
          "CSAFPID-260395",
          "CSAFPID-260393",
          "CSAFPID-220468",
          "CSAFPID-93636",
          "CSAFPID-93634",
          "CSAFPID-589926",
          "CSAFPID-179780",
          "CSAFPID-589925",
          "CSAFPID-179779",
          "CSAFPID-764826",
          "CSAFPID-764827",
          "CSAFPID-764828",
          "CSAFPID-764829",
          "CSAFPID-764830",
          "CSAFPID-220190",
          "CSAFPID-220189",
          "CSAFPID-764833",
          "CSAFPID-41183",
          "CSAFPID-764834",
          "CSAFPID-234306",
          "CSAFPID-764835",
          "CSAFPID-187447",
          "CSAFPID-760687",
          "CSAFPID-40947",
          "CSAFPID-2044",
          "CSAFPID-449747",
          "CSAFPID-40301",
          "CSAFPID-449746",
          "CSAFPID-40298",
          "CSAFPID-223527",
          "CSAFPID-760688",
          "CSAFPID-40300",
          "CSAFPID-93653",
          "CSAFPID-40949",
          "CSAFPID-642000",
          "CSAFPID-642002",
          "CSAFPID-642001",
          "CSAFPID-165576",
          "CSAFPID-764899",
          "CSAFPID-40948",
          "CSAFPID-426842",
          "CSAFPID-93630",
          "CSAFPID-204645",
          "CSAFPID-1893",
          "CSAFPID-40294",
          "CSAFPID-93631",
          "CSAFPID-764900",
          "CSAFPID-568240",
          "CSAFPID-355340",
          "CSAFPID-703515",
          "CSAFPID-204456",
          "CSAFPID-204635",
          "CSAFPID-41182",
          "CSAFPID-764901",
          "CSAFPID-764902",
          "CSAFPID-1899",
          "CSAFPID-40299",
          "CSAFPID-1900",
          "CSAFPID-180194",
          "CSAFPID-41112",
          "CSAFPID-41110",
          "CSAFPID-41113",
          "CSAFPID-180193",
          "CSAFPID-1898",
          "CSAFPID-611587",
          "CSAFPID-40297",
          "CSAFPID-110244",
          "CSAFPID-110242",
          "CSAFPID-9489",
          "CSAFPID-110249",
          "CSAFPID-110243",
          "CSAFPID-765241",
          "CSAFPID-209546",
          "CSAFPID-207586",
          "CSAFPID-765242",
          "CSAFPID-205759",
          "CSAFPID-765365",
          "CSAFPID-765366",
          "CSAFPID-342804",
          "CSAFPID-342805",
          "CSAFPID-1882",
          "CSAFPID-573035",
          "CSAFPID-765367",
          "CSAFPID-765368",
          "CSAFPID-764242",
          "CSAFPID-76994",
          "CSAFPID-204623",
          "CSAFPID-352633",
          "CSAFPID-352632",
          "CSAFPID-765369",
          "CSAFPID-204528",
          "CSAFPID-342802",
          "CSAFPID-40610",
          "CSAFPID-40611",
          "CSAFPID-40609",
          "CSAFPID-180198",
          "CSAFPID-180217",
          "CSAFPID-180196",
          "CSAFPID-40612",
          "CSAFPID-180201",
          "CSAFPID-180216",
          "CSAFPID-180202",
          "CSAFPID-40613",
          "CSAFPID-40608",
          "CSAFPID-180199",
          "CSAFPID-93546",
          "CSAFPID-180195",
          "CSAFPID-2310",
          "CSAFPID-93547",
          "CSAFPID-180200",
          "CSAFPID-765371",
          "CSAFPID-89545",
          "CSAFPID-180215",
          "CSAFPID-180197",
          "CSAFPID-204639",
          "CSAFPID-204627",
          "CSAFPID-342799",
          "CSAFPID-765372",
          "CSAFPID-220125",
          "CSAFPID-245244",
          "CSAFPID-204554",
          "CSAFPID-204614",
          "CSAFPID-345031",
          "CSAFPID-204595",
          "CSAFPID-204590",
          "CSAFPID-224787",
          "CSAFPID-1673065",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-23437",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-23437.json"
        }
      ],
      "title": "CVE-2022-23437"
    },
    {
      "cve": "CVE-2022-36760",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220057",
          "CSAFPID-220055",
          "CSAFPID-220909",
          "CSAFPID-45184",
          "CSAFPID-45182",
          "CSAFPID-220559",
          "CSAFPID-220558",
          "CSAFPID-220327",
          "CSAFPID-220325",
          "CSAFPID-219838",
          "CSAFPID-220056",
          "CSAFPID-223511",
          "CSAFPID-216017",
          "CSAFPID-220889",
          "CSAFPID-220918",
          "CSAFPID-90020",
          "CSAFPID-90015",
          "CSAFPID-220133",
          "CSAFPID-220561",
          "CSAFPID-90021",
          "CSAFPID-220881",
          "CSAFPID-94291",
          "CSAFPID-220910",
          "CSAFPID-220324",
          "CSAFPID-224796",
          "CSAFPID-224795",
          "CSAFPID-220326",
          "CSAFPID-764734",
          "CSAFPID-40293",
          "CSAFPID-220167",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764736",
          "CSAFPID-764737",
          "CSAFPID-224793",
          "CSAFPID-342793",
          "CSAFPID-1265",
          "CSAFPID-704412",
          "CSAFPID-704411",
          "CSAFPID-704410",
          "CSAFPID-219803",
          "CSAFPID-375182",
          "CSAFPID-342803",
          "CSAFPID-1266",
          "CSAFPID-219776",
          "CSAFPID-224791",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-764738",
          "CSAFPID-240600",
          "CSAFPID-764739",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-391501",
          "CSAFPID-440102",
          "CSAFPID-41516",
          "CSAFPID-41515",
          "CSAFPID-764237",
          "CSAFPID-45181",
          "CSAFPID-45186",
          "CSAFPID-45185",
          "CSAFPID-90018",
          "CSAFPID-94290",
          "CSAFPID-260394",
          "CSAFPID-764240",
          "CSAFPID-94292",
          "CSAFPID-218028",
          "CSAFPID-493443",
          "CSAFPID-90019",
          "CSAFPID-90016",
          "CSAFPID-93777",
          "CSAFPID-93772",
          "CSAFPID-345038",
          "CSAFPID-93629",
          "CSAFPID-45192",
          "CSAFPID-608630",
          "CSAFPID-40292",
          "CSAFPID-40291",
          "CSAFPID-345039",
          "CSAFPID-93628",
          "CSAFPID-764780",
          "CSAFPID-764781",
          "CSAFPID-93775",
          "CSAFPID-93774",
          "CSAFPID-764782",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-204563",
          "CSAFPID-8984",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-36760",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36760.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220057",
            "CSAFPID-220055",
            "CSAFPID-220909",
            "CSAFPID-45184",
            "CSAFPID-45182",
            "CSAFPID-220559",
            "CSAFPID-220558",
            "CSAFPID-220327",
            "CSAFPID-220325",
            "CSAFPID-219838",
            "CSAFPID-220056",
            "CSAFPID-223511",
            "CSAFPID-216017",
            "CSAFPID-220889",
            "CSAFPID-220918",
            "CSAFPID-90020",
            "CSAFPID-90015",
            "CSAFPID-220133",
            "CSAFPID-220561",
            "CSAFPID-90021",
            "CSAFPID-220881",
            "CSAFPID-94291",
            "CSAFPID-220910",
            "CSAFPID-220324",
            "CSAFPID-224796",
            "CSAFPID-224795",
            "CSAFPID-220326",
            "CSAFPID-764734",
            "CSAFPID-40293",
            "CSAFPID-220167",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764736",
            "CSAFPID-764737",
            "CSAFPID-224793",
            "CSAFPID-342793",
            "CSAFPID-1265",
            "CSAFPID-704412",
            "CSAFPID-704411",
            "CSAFPID-704410",
            "CSAFPID-219803",
            "CSAFPID-375182",
            "CSAFPID-342803",
            "CSAFPID-1266",
            "CSAFPID-219776",
            "CSAFPID-224791",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-764738",
            "CSAFPID-240600",
            "CSAFPID-764739",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-391501",
            "CSAFPID-440102",
            "CSAFPID-41516",
            "CSAFPID-41515",
            "CSAFPID-764237",
            "CSAFPID-45181",
            "CSAFPID-45186",
            "CSAFPID-45185",
            "CSAFPID-90018",
            "CSAFPID-94290",
            "CSAFPID-260394",
            "CSAFPID-764240",
            "CSAFPID-94292",
            "CSAFPID-218028",
            "CSAFPID-493443",
            "CSAFPID-90019",
            "CSAFPID-90016",
            "CSAFPID-93777",
            "CSAFPID-93772",
            "CSAFPID-345038",
            "CSAFPID-93629",
            "CSAFPID-45192",
            "CSAFPID-608630",
            "CSAFPID-40292",
            "CSAFPID-40291",
            "CSAFPID-345039",
            "CSAFPID-93628",
            "CSAFPID-764780",
            "CSAFPID-764781",
            "CSAFPID-93775",
            "CSAFPID-93774",
            "CSAFPID-764782",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-204563",
            "CSAFPID-8984",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2022-36760"
    },
    {
      "cve": "CVE-2023-2953",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1673391",
          "CSAFPID-1673392",
          "CSAFPID-1673393",
          "CSAFPID-1673394",
          "CSAFPID-1673395",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-2953",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2953.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1673391",
            "CSAFPID-1673392",
            "CSAFPID-1673393",
            "CSAFPID-1673394",
            "CSAFPID-1673395",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2023-2953"
    },
    {
      "cve": "CVE-2023-3635",
      "cwe": {
        "id": "CWE-195",
        "name": "Signed to Unsigned Conversion Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Signed to Unsigned Conversion Error",
          "title": "CWE-195"
        },
        {
          "category": "other",
          "text": "Uncaught Exception",
          "title": "CWE-248"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-94291",
          "CSAFPID-40293",
          "CSAFPID-204622",
          "CSAFPID-1265",
          "CSAFPID-1261",
          "CSAFPID-1266",
          "CSAFPID-8984",
          "CSAFPID-1673399",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-219909",
          "CSAFPID-220558",
          "CSAFPID-221118",
          "CSAFPID-224790",
          "CSAFPID-240600",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611401",
          "CSAFPID-611406",
          "CSAFPID-611407",
          "CSAFPID-611408",
          "CSAFPID-611413",
          "CSAFPID-611595",
          "CSAFPID-204510",
          "CSAFPID-204563",
          "CSAFPID-204569",
          "CSAFPID-219803",
          "CSAFPID-219838",
          "CSAFPID-224793",
          "CSAFPID-342793",
          "CSAFPID-342803",
          "CSAFPID-614513",
          "CSAFPID-614514",
          "CSAFPID-614515",
          "CSAFPID-614516",
          "CSAFPID-614517",
          "CSAFPID-618156",
          "CSAFPID-643776",
          "CSAFPID-764237",
          "CSAFPID-764238",
          "CSAFPID-764239",
          "CSAFPID-764240",
          "CSAFPID-764241",
          "CSAFPID-764242",
          "CSAFPID-764243",
          "CSAFPID-764247",
          "CSAFPID-764248",
          "CSAFPID-764249",
          "CSAFPID-816346",
          "CSAFPID-816347",
          "CSAFPID-816348",
          "CSAFPID-816349",
          "CSAFPID-816350",
          "CSAFPID-816351",
          "CSAFPID-816352",
          "CSAFPID-816353",
          "CSAFPID-816354",
          "CSAFPID-816355",
          "CSAFPID-816357",
          "CSAFPID-816358",
          "CSAFPID-816359",
          "CSAFPID-816765",
          "CSAFPID-816766",
          "CSAFPID-816767",
          "CSAFPID-816768",
          "CSAFPID-816769",
          "CSAFPID-816770",
          "CSAFPID-816771",
          "CSAFPID-816772",
          "CSAFPID-816773",
          "CSAFPID-816774",
          "CSAFPID-816775",
          "CSAFPID-816776",
          "CSAFPID-816777",
          "CSAFPID-816778",
          "CSAFPID-816779",
          "CSAFPID-816780",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-816783",
          "CSAFPID-816784",
          "CSAFPID-816785",
          "CSAFPID-816786",
          "CSAFPID-816787",
          "CSAFPID-816788",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-816791",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-816794",
          "CSAFPID-816795",
          "CSAFPID-816796",
          "CSAFPID-816797",
          "CSAFPID-764735",
          "CSAFPID-764738",
          "CSAFPID-912073",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-912102",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-3635",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3635.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-94291",
            "CSAFPID-40293",
            "CSAFPID-204622",
            "CSAFPID-1265",
            "CSAFPID-1261",
            "CSAFPID-1266",
            "CSAFPID-8984",
            "CSAFPID-1673399",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-219909",
            "CSAFPID-220558",
            "CSAFPID-221118",
            "CSAFPID-224790",
            "CSAFPID-240600",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611401",
            "CSAFPID-611406",
            "CSAFPID-611407",
            "CSAFPID-611408",
            "CSAFPID-611413",
            "CSAFPID-611595",
            "CSAFPID-204510",
            "CSAFPID-204563",
            "CSAFPID-204569",
            "CSAFPID-219803",
            "CSAFPID-219838",
            "CSAFPID-224793",
            "CSAFPID-342793",
            "CSAFPID-342803",
            "CSAFPID-614513",
            "CSAFPID-614514",
            "CSAFPID-614515",
            "CSAFPID-614516",
            "CSAFPID-614517",
            "CSAFPID-618156",
            "CSAFPID-643776",
            "CSAFPID-764237",
            "CSAFPID-764238",
            "CSAFPID-764239",
            "CSAFPID-764240",
            "CSAFPID-764241",
            "CSAFPID-764242",
            "CSAFPID-764243",
            "CSAFPID-764247",
            "CSAFPID-764248",
            "CSAFPID-764249",
            "CSAFPID-816346",
            "CSAFPID-816347",
            "CSAFPID-816348",
            "CSAFPID-816349",
            "CSAFPID-816350",
            "CSAFPID-816351",
            "CSAFPID-816352",
            "CSAFPID-816353",
            "CSAFPID-816354",
            "CSAFPID-816355",
            "CSAFPID-816357",
            "CSAFPID-816358",
            "CSAFPID-816359",
            "CSAFPID-816765",
            "CSAFPID-816766",
            "CSAFPID-816767",
            "CSAFPID-816768",
            "CSAFPID-816769",
            "CSAFPID-816770",
            "CSAFPID-816771",
            "CSAFPID-816772",
            "CSAFPID-816773",
            "CSAFPID-816774",
            "CSAFPID-816775",
            "CSAFPID-816776",
            "CSAFPID-816777",
            "CSAFPID-816778",
            "CSAFPID-816779",
            "CSAFPID-816780",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-816783",
            "CSAFPID-816784",
            "CSAFPID-816785",
            "CSAFPID-816786",
            "CSAFPID-816787",
            "CSAFPID-816788",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-816791",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-816794",
            "CSAFPID-816795",
            "CSAFPID-816796",
            "CSAFPID-816797",
            "CSAFPID-764735",
            "CSAFPID-764738",
            "CSAFPID-912073",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-912102",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242"
          ]
        }
      ],
      "title": "CVE-2023-3635"
    },
    {
      "cve": "CVE-2023-4043",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "other",
          "text": "Excessive Iteration",
          "title": "CWE-834"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816765",
          "CSAFPID-816766",
          "CSAFPID-816767",
          "CSAFPID-816768",
          "CSAFPID-816769",
          "CSAFPID-816770",
          "CSAFPID-816771",
          "CSAFPID-816772",
          "CSAFPID-219838",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-816774",
          "CSAFPID-816775",
          "CSAFPID-816346",
          "CSAFPID-816776",
          "CSAFPID-816348",
          "CSAFPID-816777",
          "CSAFPID-816347",
          "CSAFPID-94291",
          "CSAFPID-816778",
          "CSAFPID-614517",
          "CSAFPID-816779",
          "CSAFPID-816349",
          "CSAFPID-40293",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816780",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-816783",
          "CSAFPID-816784",
          "CSAFPID-816785",
          "CSAFPID-816353",
          "CSAFPID-816786",
          "CSAFPID-816787",
          "CSAFPID-816788",
          "CSAFPID-816352",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-342804",
          "CSAFPID-816791",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-224793",
          "CSAFPID-816794",
          "CSAFPID-342793",
          "CSAFPID-1265",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-912545",
          "CSAFPID-764240",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-224795",
          "CSAFPID-912548",
          "CSAFPID-912102",
          "CSAFPID-912549",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-1266",
          "CSAFPID-8984",
          "CSAFPID-204510",
          "CSAFPID-204563",
          "CSAFPID-204569",
          "CSAFPID-219803",
          "CSAFPID-219909",
          "CSAFPID-221118",
          "CSAFPID-224790",
          "CSAFPID-240600",
          "CSAFPID-342803",
          "CSAFPID-611595",
          "CSAFPID-764738",
          "CSAFPID-816351",
          "CSAFPID-816354",
          "CSAFPID-816355",
          "CSAFPID-816357",
          "CSAFPID-816358",
          "CSAFPID-816359",
          "CSAFPID-816795",
          "CSAFPID-816796",
          "CSAFPID-816797",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-219826",
          "CSAFPID-764739",
          "CSAFPID-912073",
          "CSAFPID-912558"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4043",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816765",
            "CSAFPID-816766",
            "CSAFPID-816767",
            "CSAFPID-816768",
            "CSAFPID-816769",
            "CSAFPID-816770",
            "CSAFPID-816771",
            "CSAFPID-816772",
            "CSAFPID-219838",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-816774",
            "CSAFPID-816775",
            "CSAFPID-816346",
            "CSAFPID-816776",
            "CSAFPID-816348",
            "CSAFPID-816777",
            "CSAFPID-816347",
            "CSAFPID-94291",
            "CSAFPID-816778",
            "CSAFPID-614517",
            "CSAFPID-816779",
            "CSAFPID-816349",
            "CSAFPID-40293",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816780",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-816783",
            "CSAFPID-816784",
            "CSAFPID-816785",
            "CSAFPID-816353",
            "CSAFPID-816786",
            "CSAFPID-816787",
            "CSAFPID-816788",
            "CSAFPID-816352",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-342804",
            "CSAFPID-816791",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-224793",
            "CSAFPID-816794",
            "CSAFPID-342793",
            "CSAFPID-1265",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-912545",
            "CSAFPID-764240",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-224795",
            "CSAFPID-912548",
            "CSAFPID-912102",
            "CSAFPID-912549",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-219776",
            "CSAFPID-765242",
            "CSAFPID-1266",
            "CSAFPID-8984",
            "CSAFPID-204510",
            "CSAFPID-204563",
            "CSAFPID-204569",
            "CSAFPID-219803",
            "CSAFPID-219909",
            "CSAFPID-221118",
            "CSAFPID-224790",
            "CSAFPID-240600",
            "CSAFPID-342803",
            "CSAFPID-611595",
            "CSAFPID-764738",
            "CSAFPID-816351",
            "CSAFPID-816354",
            "CSAFPID-816355",
            "CSAFPID-816357",
            "CSAFPID-816358",
            "CSAFPID-816359",
            "CSAFPID-816795",
            "CSAFPID-816796",
            "CSAFPID-816797",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-219826",
            "CSAFPID-764739",
            "CSAFPID-912073",
            "CSAFPID-912558"
          ]
        }
      ],
      "title": "CVE-2023-4043"
    },
    {
      "cve": "CVE-2023-5685",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650751",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5685",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650751",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2023-5685"
    },
    {
      "cve": "CVE-2023-6597",
      "cwe": {
        "id": "CWE-61",
        "name": "UNIX Symbolic Link (Symlink) Following"
      },
      "notes": [
        {
          "category": "other",
          "text": "UNIX Symbolic Link (Symlink) Following",
          "title": "CWE-61"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6597",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2023-6597"
    },
    {
      "cve": "CVE-2023-6816",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2023-6816"
    },
    {
      "cve": "CVE-2023-38408",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-45182",
          "CSAFPID-40293",
          "CSAFPID-611406",
          "CSAFPID-764237",
          "CSAFPID-220558",
          "CSAFPID-764238",
          "CSAFPID-764239",
          "CSAFPID-614513",
          "CSAFPID-643776",
          "CSAFPID-611387",
          "CSAFPID-618156",
          "CSAFPID-614516",
          "CSAFPID-614515",
          "CSAFPID-614514",
          "CSAFPID-764240",
          "CSAFPID-94291",
          "CSAFPID-611401",
          "CSAFPID-614517",
          "CSAFPID-764241",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-764243",
          "CSAFPID-342804",
          "CSAFPID-611408",
          "CSAFPID-611407",
          "CSAFPID-764247",
          "CSAFPID-764248",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-611595",
          "CSAFPID-764249",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-240600",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-38408",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38408.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-45182",
            "CSAFPID-40293",
            "CSAFPID-611406",
            "CSAFPID-764237",
            "CSAFPID-220558",
            "CSAFPID-764238",
            "CSAFPID-764239",
            "CSAFPID-614513",
            "CSAFPID-643776",
            "CSAFPID-611387",
            "CSAFPID-618156",
            "CSAFPID-614516",
            "CSAFPID-614515",
            "CSAFPID-614514",
            "CSAFPID-764240",
            "CSAFPID-94291",
            "CSAFPID-611401",
            "CSAFPID-614517",
            "CSAFPID-764241",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-764243",
            "CSAFPID-342804",
            "CSAFPID-611408",
            "CSAFPID-611407",
            "CSAFPID-764247",
            "CSAFPID-764248",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-611595",
            "CSAFPID-764249",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-240600",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2023-38408"
    },
    {
      "cve": "CVE-2023-43642",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40293",
          "CSAFPID-1265",
          "CSAFPID-1261",
          "CSAFPID-1266",
          "CSAFPID-8984",
          "CSAFPID-1673395",
          "CSAFPID-94291",
          "CSAFPID-204510",
          "CSAFPID-204563",
          "CSAFPID-204569",
          "CSAFPID-204622",
          "CSAFPID-219803",
          "CSAFPID-219838",
          "CSAFPID-219909",
          "CSAFPID-221118",
          "CSAFPID-224790",
          "CSAFPID-224793",
          "CSAFPID-240600",
          "CSAFPID-342793",
          "CSAFPID-342803",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-611595",
          "CSAFPID-614517",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764738",
          "CSAFPID-816346",
          "CSAFPID-816347",
          "CSAFPID-816348",
          "CSAFPID-816349",
          "CSAFPID-816350",
          "CSAFPID-816351",
          "CSAFPID-816352",
          "CSAFPID-816353",
          "CSAFPID-816354",
          "CSAFPID-816355",
          "CSAFPID-816357",
          "CSAFPID-816358",
          "CSAFPID-816359",
          "CSAFPID-816765",
          "CSAFPID-816766",
          "CSAFPID-816767",
          "CSAFPID-816768",
          "CSAFPID-816769",
          "CSAFPID-816770",
          "CSAFPID-816771",
          "CSAFPID-816772",
          "CSAFPID-816773",
          "CSAFPID-816774",
          "CSAFPID-816775",
          "CSAFPID-816776",
          "CSAFPID-816777",
          "CSAFPID-816778",
          "CSAFPID-816779",
          "CSAFPID-816780",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-816783",
          "CSAFPID-816784",
          "CSAFPID-816785",
          "CSAFPID-816786",
          "CSAFPID-816787",
          "CSAFPID-816788",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-816791",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-816794",
          "CSAFPID-816795",
          "CSAFPID-816796",
          "CSAFPID-816797"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-43642",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43642.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40293",
            "CSAFPID-1265",
            "CSAFPID-1261",
            "CSAFPID-1266",
            "CSAFPID-8984",
            "CSAFPID-1673395",
            "CSAFPID-94291",
            "CSAFPID-204510",
            "CSAFPID-204563",
            "CSAFPID-204569",
            "CSAFPID-204622",
            "CSAFPID-219803",
            "CSAFPID-219838",
            "CSAFPID-219909",
            "CSAFPID-221118",
            "CSAFPID-224790",
            "CSAFPID-224793",
            "CSAFPID-240600",
            "CSAFPID-342793",
            "CSAFPID-342803",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-611595",
            "CSAFPID-614517",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764738",
            "CSAFPID-816346",
            "CSAFPID-816347",
            "CSAFPID-816348",
            "CSAFPID-816349",
            "CSAFPID-816350",
            "CSAFPID-816351",
            "CSAFPID-816352",
            "CSAFPID-816353",
            "CSAFPID-816354",
            "CSAFPID-816355",
            "CSAFPID-816357",
            "CSAFPID-816358",
            "CSAFPID-816359",
            "CSAFPID-816765",
            "CSAFPID-816766",
            "CSAFPID-816767",
            "CSAFPID-816768",
            "CSAFPID-816769",
            "CSAFPID-816770",
            "CSAFPID-816771",
            "CSAFPID-816772",
            "CSAFPID-816773",
            "CSAFPID-816774",
            "CSAFPID-816775",
            "CSAFPID-816776",
            "CSAFPID-816777",
            "CSAFPID-816778",
            "CSAFPID-816779",
            "CSAFPID-816780",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-816783",
            "CSAFPID-816784",
            "CSAFPID-816785",
            "CSAFPID-816786",
            "CSAFPID-816787",
            "CSAFPID-816788",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-816791",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-816794",
            "CSAFPID-816795",
            "CSAFPID-816796",
            "CSAFPID-816797"
          ]
        }
      ],
      "title": "CVE-2023-43642"
    },
    {
      "cve": "CVE-2023-46136",
      "cwe": {
        "id": "CWE-407",
        "name": "Inefficient Algorithmic Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Algorithmic Complexity",
          "title": "CWE-407"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673411",
          "CSAFPID-912549",
          "CSAFPID-1673412",
          "CSAFPID-1673413",
          "CSAFPID-1673414",
          "CSAFPID-1673396",
          "CSAFPID-1503590",
          "CSAFPID-1673393",
          "CSAFPID-1673395",
          "CSAFPID-220132",
          "CSAFPID-1503585",
          "CSAFPID-1673392",
          "CSAFPID-1503589",
          "CSAFPID-1673415",
          "CSAFPID-1673416",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46136",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46136.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673411",
            "CSAFPID-912549",
            "CSAFPID-1673412",
            "CSAFPID-1673413",
            "CSAFPID-1673414",
            "CSAFPID-1673396",
            "CSAFPID-1503590",
            "CSAFPID-1673393",
            "CSAFPID-1673395",
            "CSAFPID-220132",
            "CSAFPID-1503585",
            "CSAFPID-1673392",
            "CSAFPID-1503589",
            "CSAFPID-1673415",
            "CSAFPID-1673416",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2023-46136"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Truncation of Security-relevant Information",
          "title": "CWE-222"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-816765",
          "CSAFPID-816766",
          "CSAFPID-816767",
          "CSAFPID-816768",
          "CSAFPID-816769",
          "CSAFPID-816770",
          "CSAFPID-816771",
          "CSAFPID-816772",
          "CSAFPID-219838",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-816774",
          "CSAFPID-816775",
          "CSAFPID-816346",
          "CSAFPID-816776",
          "CSAFPID-816348",
          "CSAFPID-816777",
          "CSAFPID-816347",
          "CSAFPID-94291",
          "CSAFPID-816778",
          "CSAFPID-614517",
          "CSAFPID-816779",
          "CSAFPID-816349",
          "CSAFPID-40293",
          "CSAFPID-764242",
          "CSAFPID-816780",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-816783",
          "CSAFPID-816784",
          "CSAFPID-816785",
          "CSAFPID-816353",
          "CSAFPID-816786",
          "CSAFPID-816352",
          "CSAFPID-342804",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-224793",
          "CSAFPID-342793",
          "CSAFPID-1265",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-219803",
          "CSAFPID-816351",
          "CSAFPID-611595",
          "CSAFPID-342803",
          "CSAFPID-1266",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-1673417",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-90016",
          "CSAFPID-764826",
          "CSAFPID-345038",
          "CSAFPID-912079",
          "CSAFPID-220132",
          "CSAFPID-93781",
          "CSAFPID-345039",
          "CSAFPID-912080",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-764240",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-224795",
          "CSAFPID-912548",
          "CSAFPID-611413",
          "CSAFPID-240600",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-816357",
          "CSAFPID-816358",
          "CSAFPID-816359",
          "CSAFPID-816787",
          "CSAFPID-816788",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-816791",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-816794",
          "CSAFPID-816795",
          "CSAFPID-816796",
          "CSAFPID-816797",
          "CSAFPID-8984",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-764739",
          "CSAFPID-765242",
          "CSAFPID-912073",
          "CSAFPID-912102",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-1503601",
          "CSAFPID-1503602"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-48795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-816765",
            "CSAFPID-816766",
            "CSAFPID-816767",
            "CSAFPID-816768",
            "CSAFPID-816769",
            "CSAFPID-816770",
            "CSAFPID-816771",
            "CSAFPID-816772",
            "CSAFPID-219838",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-816774",
            "CSAFPID-816775",
            "CSAFPID-816346",
            "CSAFPID-816776",
            "CSAFPID-816348",
            "CSAFPID-816777",
            "CSAFPID-816347",
            "CSAFPID-94291",
            "CSAFPID-816778",
            "CSAFPID-614517",
            "CSAFPID-816779",
            "CSAFPID-816349",
            "CSAFPID-40293",
            "CSAFPID-764242",
            "CSAFPID-816780",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-816783",
            "CSAFPID-816784",
            "CSAFPID-816785",
            "CSAFPID-816353",
            "CSAFPID-816786",
            "CSAFPID-816352",
            "CSAFPID-342804",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-224793",
            "CSAFPID-342793",
            "CSAFPID-1265",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-219803",
            "CSAFPID-816351",
            "CSAFPID-611595",
            "CSAFPID-342803",
            "CSAFPID-1266",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-1673417",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-90016",
            "CSAFPID-764826",
            "CSAFPID-345038",
            "CSAFPID-912079",
            "CSAFPID-220132",
            "CSAFPID-93781",
            "CSAFPID-345039",
            "CSAFPID-912080",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-764240",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-224795",
            "CSAFPID-912548",
            "CSAFPID-611413",
            "CSAFPID-240600",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-816357",
            "CSAFPID-816358",
            "CSAFPID-816359",
            "CSAFPID-816787",
            "CSAFPID-816788",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-816791",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-816794",
            "CSAFPID-816795",
            "CSAFPID-816796",
            "CSAFPID-816797",
            "CSAFPID-8984",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-764739",
            "CSAFPID-765242",
            "CSAFPID-912073",
            "CSAFPID-912102",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-1503601",
            "CSAFPID-1503602"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51775",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650751",
          "CSAFPID-1673395",
          "CSAFPID-1673396",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764237",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816348",
          "CSAFPID-816773",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912068",
          "CSAFPID-912073",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51775",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650751",
            "CSAFPID-1673395",
            "CSAFPID-1673396",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764237",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816348",
            "CSAFPID-816773",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912068",
            "CSAFPID-912073",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2023-52428",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-912539",
          "CSAFPID-816773",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-342804",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912073",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912102",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52428",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-912539",
            "CSAFPID-816773",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-342804",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912073",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912102",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2023-52428"
    },
    {
      "cve": "CVE-2024-0450",
      "cwe": {
        "id": "CWE-450",
        "name": "Multiple Interpretations of UI Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Multiple Interpretations of UI Input",
          "title": "CWE-450"
        },
        {
          "category": "other",
          "text": "Asymmetric Resource Consumption (Amplification)",
          "title": "CWE-405"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0450",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-2398",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Resource after Effective Lifetime",
          "title": "CWE-772"
        },
        {
          "category": "other",
          "text": "Missing Release of Memory after Effective Lifetime",
          "title": "CWE-401"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1673399",
          "CSAFPID-1673391",
          "CSAFPID-1673394",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2398",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2398.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1673399",
            "CSAFPID-1673391",
            "CSAFPID-1673394",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2024-4577",
      "cwe": {
        "id": "CWE-88",
        "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
          "title": "CWE-88"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650731",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4577",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650731",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-4577"
    },
    {
      "cve": "CVE-2024-4603",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unchecked Input for Loop Condition",
          "title": "CWE-606"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673391",
          "CSAFPID-1673394",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4603",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673391",
            "CSAFPID-1673394",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-4603"
    },
    {
      "cve": "CVE-2024-5585",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
          "title": "CWE-88"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650731",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5585",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650731",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628"
          ]
        }
      ],
      "title": "CVE-2024-5585"
    },
    {
      "cve": "CVE-2024-5971",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1673399",
          "CSAFPID-1673526",
          "CSAFPID-1673413",
          "CSAFPID-1673396",
          "CSAFPID-1673415",
          "CSAFPID-1673501",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5971",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5971.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1673399",
            "CSAFPID-1673526",
            "CSAFPID-1673413",
            "CSAFPID-1673396",
            "CSAFPID-1673415",
            "CSAFPID-1673501",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-5971"
    },
    {
      "cve": "CVE-2024-6162",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650751",
          "CSAFPID-1673526",
          "CSAFPID-1673399",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6162",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650751",
            "CSAFPID-1673526",
            "CSAFPID-1673399",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-6162"
    },
    {
      "cve": "CVE-2024-6387",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "other",
          "text": "Signal Handler Race Condition",
          "title": "CWE-364"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503595",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6387",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6387.json"
        }
      ],
      "title": "CVE-2024-6387"
    },
    {
      "cve": "CVE-2024-7254",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673391",
          "CSAFPID-1673394",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7254",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
        }
      ],
      "title": "CVE-2024-7254"
    },
    {
      "cve": "CVE-2024-7264",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530",
          "CSAFPID-1673382",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7264",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530",
            "CSAFPID-1673382",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628"
          ]
        }
      ],
      "title": "CVE-2024-7264"
    },
    {
      "cve": "CVE-2024-22020",
      "product_status": {
        "known_affected": [
          "CSAFPID-912101",
          "CSAFPID-1673473",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22020",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912101",
            "CSAFPID-1673473",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-22020"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673475",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-912068",
          "CSAFPID-912073",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-219776",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-224795",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764237",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816348",
          "CSAFPID-816773",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673475",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-912068",
            "CSAFPID-912073",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-219776",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-224795",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764237",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816348",
            "CSAFPID-816773",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22257",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-764237",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-764240",
          "CSAFPID-614517",
          "CSAFPID-224795",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-342804",
          "CSAFPID-912080",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-764739",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-912073",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22257",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-764237",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-764240",
            "CSAFPID-614517",
            "CSAFPID-224795",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-342804",
            "CSAFPID-912080",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-219776",
            "CSAFPID-765242",
            "CSAFPID-764739",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-912073",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22262",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650820",
          "CSAFPID-1650751",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22262",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650820",
            "CSAFPID-1650751",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650826",
          "CSAFPID-1650731",
          "CSAFPID-1673382",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-912539",
          "CSAFPID-816773",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-912545",
          "CSAFPID-764240",
          "CSAFPID-912546",
          "CSAFPID-614517",
          "CSAFPID-912547",
          "CSAFPID-224795",
          "CSAFPID-912548",
          "CSAFPID-912102",
          "CSAFPID-912549",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912553",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-342804",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-765242",
          "CSAFPID-912073",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23672",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650826",
            "CSAFPID-1650731",
            "CSAFPID-1673382",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-912539",
            "CSAFPID-816773",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-912545",
            "CSAFPID-764240",
            "CSAFPID-912546",
            "CSAFPID-614517",
            "CSAFPID-912547",
            "CSAFPID-224795",
            "CSAFPID-912548",
            "CSAFPID-912102",
            "CSAFPID-912549",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912553",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-342804",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-765242",
            "CSAFPID-912073",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-23807",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650734",
          "CSAFPID-1650830",
          "CSAFPID-1650777",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-1650778",
          "CSAFPID-41182",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23807",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650734",
            "CSAFPID-1650830",
            "CSAFPID-1650777",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-1650778",
            "CSAFPID-41182",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650826",
          "CSAFPID-1673382",
          "CSAFPID-1650731",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-764240",
          "CSAFPID-614517",
          "CSAFPID-224795",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-342804",
          "CSAFPID-912080",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-764739",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-912073",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650826",
            "CSAFPID-1673382",
            "CSAFPID-1650731",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-764240",
            "CSAFPID-614517",
            "CSAFPID-224795",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-342804",
            "CSAFPID-912080",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-219776",
            "CSAFPID-765242",
            "CSAFPID-764739",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-912073",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650751",
          "CSAFPID-1650752",
          "CSAFPID-1673481",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-912539",
          "CSAFPID-816773",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-912545",
          "CSAFPID-764240",
          "CSAFPID-912546",
          "CSAFPID-614517",
          "CSAFPID-912547",
          "CSAFPID-224795",
          "CSAFPID-912548",
          "CSAFPID-912102",
          "CSAFPID-912549",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912553",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-342804",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-765242",
          "CSAFPID-912073",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25062",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650751",
            "CSAFPID-1650752",
            "CSAFPID-1673481",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-912539",
            "CSAFPID-816773",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-912545",
            "CSAFPID-764240",
            "CSAFPID-912546",
            "CSAFPID-614517",
            "CSAFPID-912547",
            "CSAFPID-224795",
            "CSAFPID-912548",
            "CSAFPID-912102",
            "CSAFPID-912549",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912553",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-342804",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-765242",
            "CSAFPID-912073",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-25638",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        },
        {
          "category": "other",
          "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
          "title": "CWE-349"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25638",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-25638"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764237",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816348",
          "CSAFPID-816773",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912068",
          "CSAFPID-912073",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764237",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816348",
            "CSAFPID-816773",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912068",
            "CSAFPID-912073",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-28182",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Detection of Error Condition Without Action",
          "title": "CWE-390"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673414",
          "CSAFPID-1673396",
          "CSAFPID-1673485",
          "CSAFPID-1673393",
          "CSAFPID-1673394",
          "CSAFPID-1673389",
          "CSAFPID-1672767",
          "CSAFPID-1673391",
          "CSAFPID-1673392",
          "CSAFPID-1673415",
          "CSAFPID-1673390",
          "CSAFPID-1673413",
          "CSAFPID-1673395",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28182",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673414",
            "CSAFPID-1673396",
            "CSAFPID-1673485",
            "CSAFPID-1673393",
            "CSAFPID-1673394",
            "CSAFPID-1673389",
            "CSAFPID-1672767",
            "CSAFPID-1673391",
            "CSAFPID-1673392",
            "CSAFPID-1673415",
            "CSAFPID-1673390",
            "CSAFPID-1673413",
            "CSAFPID-1673395",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28849",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673414",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28849",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673414",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650751",
          "CSAFPID-1673494",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650751",
            "CSAFPID-1673494",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29133",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650820",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-1673496",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29133",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650820",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-1673496",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-29736",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673399",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29736",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29736.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673399",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-29736"
    },
    {
      "cve": "CVE-2024-29857",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673413",
          "CSAFPID-1673415",
          "CSAFPID-1673501",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29857",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673413",
            "CSAFPID-1673415",
            "CSAFPID-1673501",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-29857"
    },
    {
      "cve": "CVE-2024-30251",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912079",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-30251",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30251.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912079",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-30251"
    },
    {
      "cve": "CVE-2024-31080",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-31080",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31080.json"
        }
      ],
      "title": "CVE-2024-31080"
    },
    {
      "cve": "CVE-2024-31744",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673392",
          "CSAFPID-1673393",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-31744",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31744.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673392",
            "CSAFPID-1673393",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-31744"
    },
    {
      "cve": "CVE-2024-32760",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-32760",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-32760"
    },
    {
      "cve": "CVE-2024-33602",
      "cwe": {
        "id": "CWE-466",
        "name": "Return of Pointer Value Outside of Expected Range"
      },
      "notes": [
        {
          "category": "other",
          "text": "Return of Pointer Value Outside of Expected Range",
          "title": "CWE-466"
        },
        {
          "category": "other",
          "text": "Improper Check or Handling of Exceptional Conditions",
          "title": "CWE-703"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673396",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1672762",
          "CSAFPID-1673395",
          "CSAFPID-1672764",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673494",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33602",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673396",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1672762",
            "CSAFPID-1673395",
            "CSAFPID-1672764",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673494",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-33602"
    },
    {
      "cve": "CVE-2024-34750",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673481",
          "CSAFPID-1503596",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34750",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673481",
            "CSAFPID-1503596",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-37371",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673413",
          "CSAFPID-1673414",
          "CSAFPID-1673396",
          "CSAFPID-1503590",
          "CSAFPID-1673393",
          "CSAFPID-1673395",
          "CSAFPID-1673399",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673392",
          "CSAFPID-1503589",
          "CSAFPID-1673415",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37371",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673413",
            "CSAFPID-1673414",
            "CSAFPID-1673396",
            "CSAFPID-1503590",
            "CSAFPID-1673393",
            "CSAFPID-1673395",
            "CSAFPID-1673399",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673392",
            "CSAFPID-1503589",
            "CSAFPID-1673415",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-37371"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38816",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-38816"
    },
    {
      "cve": "CVE-2024-39689",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673396",
          "CSAFPID-1673392",
          "CSAFPID-1673393"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-39689",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39689.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673396",
            "CSAFPID-1673392",
            "CSAFPID-1673393"
          ]
        }
      ],
      "title": "CVE-2024-39689"
    },
    {
      "cve": "CVE-2024-40898",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673516",
          "CSAFPID-1673411",
          "CSAFPID-1673412",
          "CSAFPID-1650731",
          "CSAFPID-1673382",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-40898",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673516",
            "CSAFPID-1673411",
            "CSAFPID-1673412",
            "CSAFPID-1650731",
            "CSAFPID-1673382",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-40898"
    },
    {
      "cve": "CVE-2024-41817",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Search Path Element",
          "title": "CWE-427"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673382",
          "CSAFPID-1650731",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-1674625"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-41817",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673382",
            "CSAFPID-1650731",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-1674625"
          ]
        }
      ],
      "title": "CVE-2024-41817"
    },
    {
      "cve": "CVE-2024-43044",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673411",
          "CSAFPID-1673412",
          "CSAFPID-1673413",
          "CSAFPID-1673396",
          "CSAFPID-1673392",
          "CSAFPID-1673494",
          "CSAFPID-1673393",
          "CSAFPID-1673415",
          "CSAFPID-1673416",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43044",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43044.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673411",
            "CSAFPID-1673412",
            "CSAFPID-1673413",
            "CSAFPID-1673396",
            "CSAFPID-1673392",
            "CSAFPID-1673494",
            "CSAFPID-1673393",
            "CSAFPID-1673415",
            "CSAFPID-1673416",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-43044"
    },
    {
      "cve": "CVE-2024-45492",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673382",
          "CSAFPID-1673399",
          "CSAFPID-1650731",
          "CSAFPID-1673517",
          "CSAFPID-1673396",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673382",
            "CSAFPID-1673399",
            "CSAFPID-1650731",
            "CSAFPID-1673517",
            "CSAFPID-1673396",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-45492"
    }
  ]
}

NCSC-2024-0415

Vulnerability from csaf_ncscnl - Published: 2024-10-17 13:18 - Updated: 2024-10-17 13:18

Summary

Kwetsbaarheden verholpen in Oracle Enterprise Manager

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in Enterprise Manager.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Uitvoer van willekeurige code (Gebruikersrechten) - Uitvoer van willekeurige code (Administratorrechten) - Toegang tot gevoelige gegevens

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-1329: Reliance on Component That is Not Updateable

CWE-427: Uncontrolled Search Path Element

CWE-345: Insufficient Verification of Data Authenticity

CWE-532: Insertion of Sensitive Information into Log File

CWE-295: Improper Certificate Validation

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CVE-2022-34381

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-1329 - Reliance on Component That is Not Updateable

Affected products

Known affected 9 products

Product	Identifier	Version
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.3.0.1:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.1.1.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.0.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:12.2.1.4.0:::::::*`	—
application_testing_suite oracle	`cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:::::::*`	—
enterprise_manager_for_fusion_middleware oracle	`cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.5.0.0:::::::*`	—
enterprise_data_quality oracle	`cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:::::::*`	—
enterprise_asset_management oracle	`cpe:2.3:a:oracle:enterprise_asset_management::::::::`	—

CVE-2023-28823

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-427 - Uncontrolled Search Path Element

Affected products

Known affected 15 products

Product	Identifier	Version
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:12.2.1.4.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.3.0.1:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.1.1.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.0.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:12.2.1.4.0:::::::*`	—
application_testing_suite oracle	`cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*`	—
enterprise_manager_ops_center oracle	`cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:::::::*`	—
enterprise_data_quality oracle	`cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:::::::*`	—
enterprise_manager_for_fusion_middleware oracle	`cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.5.0.0:::::::*`	—
enterprise_manager_for_virtualization oracle	`cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.5.0.0:::::::*`	—
enterprise_manager_for__database oracle	`cpe:2.3:a:oracle:enterprise_manager_for__database:13.5.0.0:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:_agent_next_gen___13.5.0.0:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:_extensibility_framework___13.5.0.0:::::::*`	—
enterprise_manager_for__virtual_infrastructure oracle	`cpe:2.3:a:oracle:enterprise_manager_for__virtual_infrastructure:13.5.0.0:::::::*`	—

CVE-2023-37920

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-295 - Improper Certificate Validation

Affected products

Known affected 4 products

Product	Identifier	Version
enterprise_asset_management oracle	`cpe:2.3:a:oracle:enterprise_asset_management::::::::`	—
application_testing_suite oracle	`cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:::::::*`	—
enterprise_data_quality oracle	`cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:::::::*`	—

CVE-2023-44483

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-532 - Insertion of Sensitive Information into Log File

Affected products

Known affected 16 products

Product	Identifier	Version
enterprise_manager_for_peoplesoft oracle	`cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.5.1.1.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.3.0.1:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.1.1.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.0.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:12.2.1.4.0:::::::*`	—
application_testing_suite oracle	`cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*`	—
enterprise_manager_ops_center oracle	`cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:::::::*`	—
enterprise_data_quality oracle	`cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:::::::*`	—
enterprise_manager_for_fusion_middleware oracle	`cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.5.0.0:::::::*`	—
enterprise_manager_for_virtualization oracle	`cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.5.0.0:::::::*`	—
enterprise_manager_for__database oracle	`cpe:2.3:a:oracle:enterprise_manager_for__database:13.5.0.0:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:_agent_next_gen___13.5.0.0:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:_extensibility_framework___13.5.0.0:::::::*`	—
enterprise_manager_for__virtual_infrastructure oracle	`cpe:2.3:a:oracle:enterprise_manager_for__virtual_infrastructure:13.5.0.0:::::::*`	—
enterprise_asset_management oracle	`cpe:2.3:a:oracle:enterprise_asset_management::::::::`	—

CVE-2024-22201

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 9 products

Product	Identifier	Version
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.3.0.1:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.1.1.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.0.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:12.2.1.4.0:::::::*`	—
application_testing_suite oracle	`cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:::::::*`	—
enterprise_manager_for_fusion_middleware oracle	`cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.5.0.0:::::::*`	—
enterprise_data_quality oracle	`cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:::::::*`	—
enterprise_asset_management oracle	`cpe:2.3:a:oracle:enterprise_asset_management::::::::`	—

CVE-2024-26308

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 9 products

Product	Identifier	Version
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.3.0.1:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.1.1.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.0.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:12.2.1.4.0:::::::*`	—
application_testing_suite oracle	`cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:::::::*`	—
enterprise_data_quality oracle	`cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:::::::*`	—
enterprise_manager_for_fusion_middleware oracle	`cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.5.0.0:::::::*`	—
enterprise_asset_management oracle	`cpe:2.3:a:oracle:enterprise_asset_management::::::::`	—

CVE-2024-29025

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 8 products

Product	Identifier	Version
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.3.0.1:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.1.1.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:13.5.0.0:::::::*`	—
enterprise_manager oracle	`cpe:2.3:a:oracle:enterprise_manager:12.2.1.4.0:::::::*`	—
enterprise_asset_management oracle	`cpe:2.3:a:oracle:enterprise_asset_management::::::::`	—
application_testing_suite oracle	`cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*`	—
enterprise_manager_base_platform oracle	`cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:::::::*`	—
enterprise_data_quality oracle	`cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:::::::*`	—

References

8 references

URL	Category
https://www.oracle.com/security-alerts/cpuoct2024.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in Enterprise Manager.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens\n",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Reliance on Component That is Not Updateable",
        "title": "CWE-1329"
      },
      {
        "category": "general",
        "text": "Uncontrolled Search Path Element",
        "title": "CWE-427"
      },
      {
        "category": "general",
        "text": "Insufficient Verification of Data Authenticity",
        "title": "CWE-345"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
        "url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Enterprise Manager",
    "tracking": {
      "current_release_date": "2024-10-17T13:18:06.611153Z",
      "id": "NCSC-2024-0415",
      "initial_release_date": "2024-10-17T13:18:06.611153Z",
      "revision_history": [
        {
          "date": "2024-10-17T13:18:06.611153Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "enterprise_asset_management",
            "product": {
              "name": "enterprise_asset_management",
              "product_id": "CSAFPID-915800",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_asset_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_data_quality",
            "product": {
              "name": "enterprise_data_quality",
              "product_id": "CSAFPID-200924",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager",
            "product": {
              "name": "enterprise_manager",
              "product_id": "CSAFPID-1674652",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager",
            "product": {
              "name": "enterprise_manager",
              "product_id": "CSAFPID-1674650",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager:13.3.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager",
            "product": {
              "name": "enterprise_manager",
              "product_id": "CSAFPID-817088",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager:13.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager",
            "product": {
              "name": "enterprise_manager",
              "product_id": "CSAFPID-1674651",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager:13.5.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_base_platform",
            "product": {
              "name": "enterprise_manager_base_platform",
              "product_id": "CSAFPID-1673387",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_base_platform:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_base_platform",
            "product": {
              "name": "enterprise_manager_base_platform",
              "product_id": "CSAFPID-179794",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_base_platform",
            "product": {
              "name": "enterprise_manager_base_platform",
              "product_id": "CSAFPID-816810",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_base_platform:_agent_next_gen___13.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_base_platform",
            "product": {
              "name": "enterprise_manager_base_platform",
              "product_id": "CSAFPID-816811",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_base_platform:_extensibility_framework___13.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_for__database",
            "product": {
              "name": "enterprise_manager_for__database",
              "product_id": "CSAFPID-764745",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_for__database:13.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_for__virtual_infrastructure",
            "product": {
              "name": "enterprise_manager_for__virtual_infrastructure",
              "product_id": "CSAFPID-816812",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_for__virtual_infrastructure:13.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_for_fusion_middleware",
            "product": {
              "name": "enterprise_manager_for_fusion_middleware",
              "product_id": "CSAFPID-220465",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_for_peoplesoft",
            "product": {
              "name": "enterprise_manager_for_peoplesoft",
              "product_id": "CSAFPID-1673408",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.5.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_for_virtualization",
            "product": {
              "name": "enterprise_manager_for_virtualization",
              "product_id": "CSAFPID-611588",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_ops_center",
            "product": {
              "name": "enterprise_manager_ops_center",
              "product_id": "CSAFPID-9557",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "application_testing_suite",
            "product": {
              "name": "application_testing_suite",
              "product_id": "CSAFPID-5546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-34381",
      "cwe": {
        "id": "CWE-1329",
        "name": "Reliance on Component That is Not Updateable"
      },
      "notes": [
        {
          "category": "other",
          "text": "Reliance on Component That is Not Updateable",
          "title": "CWE-1329"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1674650",
          "CSAFPID-1674651",
          "CSAFPID-817088",
          "CSAFPID-1674652",
          "CSAFPID-5546",
          "CSAFPID-179794",
          "CSAFPID-220465",
          "CSAFPID-200924",
          "CSAFPID-915800"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-34381",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34381.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1674650",
            "CSAFPID-1674651",
            "CSAFPID-817088",
            "CSAFPID-1674652",
            "CSAFPID-5546",
            "CSAFPID-179794",
            "CSAFPID-220465",
            "CSAFPID-200924",
            "CSAFPID-915800"
          ]
        }
      ],
      "title": "CVE-2022-34381"
    },
    {
      "cve": "CVE-2023-28823",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Search Path Element",
          "title": "CWE-427"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673387",
          "CSAFPID-1674650",
          "CSAFPID-1674651",
          "CSAFPID-817088",
          "CSAFPID-1674652",
          "CSAFPID-5546",
          "CSAFPID-9557",
          "CSAFPID-179794",
          "CSAFPID-200924",
          "CSAFPID-220465",
          "CSAFPID-611588",
          "CSAFPID-764745",
          "CSAFPID-816810",
          "CSAFPID-816811",
          "CSAFPID-816812"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-28823",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28823.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673387",
            "CSAFPID-1674650",
            "CSAFPID-1674651",
            "CSAFPID-817088",
            "CSAFPID-1674652",
            "CSAFPID-5546",
            "CSAFPID-9557",
            "CSAFPID-179794",
            "CSAFPID-200924",
            "CSAFPID-220465",
            "CSAFPID-611588",
            "CSAFPID-764745",
            "CSAFPID-816810",
            "CSAFPID-816811",
            "CSAFPID-816812"
          ]
        }
      ],
      "title": "CVE-2023-28823"
    },
    {
      "cve": "CVE-2023-37920",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        },
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-915800",
          "CSAFPID-5546",
          "CSAFPID-179794",
          "CSAFPID-200924"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-37920",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-915800",
            "CSAFPID-5546",
            "CSAFPID-179794",
            "CSAFPID-200924"
          ]
        }
      ],
      "title": "CVE-2023-37920"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673408",
          "CSAFPID-1674650",
          "CSAFPID-1674651",
          "CSAFPID-817088",
          "CSAFPID-1674652",
          "CSAFPID-5546",
          "CSAFPID-9557",
          "CSAFPID-179794",
          "CSAFPID-200924",
          "CSAFPID-220465",
          "CSAFPID-611588",
          "CSAFPID-764745",
          "CSAFPID-816810",
          "CSAFPID-816811",
          "CSAFPID-816812",
          "CSAFPID-915800"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44483",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44483.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673408",
            "CSAFPID-1674650",
            "CSAFPID-1674651",
            "CSAFPID-817088",
            "CSAFPID-1674652",
            "CSAFPID-5546",
            "CSAFPID-9557",
            "CSAFPID-179794",
            "CSAFPID-200924",
            "CSAFPID-220465",
            "CSAFPID-611588",
            "CSAFPID-764745",
            "CSAFPID-816810",
            "CSAFPID-816811",
            "CSAFPID-816812",
            "CSAFPID-915800"
          ]
        }
      ],
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1674650",
          "CSAFPID-1674651",
          "CSAFPID-817088",
          "CSAFPID-1674652",
          "CSAFPID-5546",
          "CSAFPID-179794",
          "CSAFPID-220465",
          "CSAFPID-200924",
          "CSAFPID-915800"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1674650",
            "CSAFPID-1674651",
            "CSAFPID-817088",
            "CSAFPID-1674652",
            "CSAFPID-5546",
            "CSAFPID-179794",
            "CSAFPID-220465",
            "CSAFPID-200924",
            "CSAFPID-915800"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1674650",
          "CSAFPID-1674651",
          "CSAFPID-817088",
          "CSAFPID-1674652",
          "CSAFPID-5546",
          "CSAFPID-179794",
          "CSAFPID-200924",
          "CSAFPID-220465",
          "CSAFPID-915800"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1674650",
            "CSAFPID-1674651",
            "CSAFPID-817088",
            "CSAFPID-1674652",
            "CSAFPID-5546",
            "CSAFPID-179794",
            "CSAFPID-200924",
            "CSAFPID-220465",
            "CSAFPID-915800"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1674650",
          "CSAFPID-1674651",
          "CSAFPID-817088",
          "CSAFPID-1674652",
          "CSAFPID-915800",
          "CSAFPID-5546",
          "CSAFPID-179794",
          "CSAFPID-200924"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1674650",
            "CSAFPID-1674651",
            "CSAFPID-817088",
            "CSAFPID-1674652",
            "CSAFPID-915800",
            "CSAFPID-5546",
            "CSAFPID-179794",
            "CSAFPID-200924"
          ]
        }
      ],
      "title": "CVE-2024-29025"
    }
  ]
}

NCSC-2024-0417

Vulnerability from csaf_ncscnl - Published: 2024-10-17 13:19 - Updated: 2024-10-17 13:19

Summary

Kwetsbaarheden verholpen in Oracle Fusion Middleware

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in Fusion Middleware componenten, zoals WebLogic Server, WebCenter en HTTP Server.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Manipuleren van data - Uitvoer van willekeurige code (Administratorrechten) - Toegang tot gevoelige gegevens Omdat deze kwetsbaarheden zich bevinden in diverse Middleware producten, is niet uit te sluiten dat applicaties, draaiende op platformen ondersteund door deze middleware ook kwetsbaar zijn, danwel gevoelig voor misbruik van deze kwetsbaarheden.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer infomatie.

Kans: medium

Schade: high

CWE-1325: Improperly Controlled Sequential Memory Allocation

CWE-390: Detection of Error Condition Without Action

CWE-59: Improper Link Resolution Before File Access ('Link Following')

CWE-178: Improper Handling of Case Sensitivity

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CWE-190: Integer Overflow or Wraparound

CWE-404: Improper Resource Shutdown or Release

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-416: Use After Free

CWE-401: Missing Release of Memory after Effective Lifetime

CWE-94: Improper Control of Generation of Code ('Code Injection')

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-502: Deserialization of Untrusted Data

CWE-918: Server-Side Request Forgery (SSRF)

CWE-787: Out-of-bounds Write

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-20: Improper Input Validation

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2020-11023

6.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 25 products

Product	Identifier	Version
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.3:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:10.3.6.0:::::::*`	—
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:9.1.0.0.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.3.0:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.3.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*`	—
webcenter_sites_support_tools oracle	`cpe:2.3:a:oracle:webcenter_sites_support_tools::::::::`	—

CVE-2020-17521

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 38 products

Product	Identifier	Version
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:12.2.1.3.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:9.1.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_console___12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_third_party___12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_console___12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_third_party___12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_console___14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_third_party___14.1.1.0.0:::::::*`	—
business_activity_monitoring__bam_ oracle	`cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.3.0:::::::*`	—
business_activity_monitoring__bam_ oracle	`cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.4.0:::::::*`	—
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.3.0:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.3.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:9.1.0.0.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:::::::*`	—
webcenter_sites_support_tools oracle	`cpe:2.3:a:oracle:webcenter_sites_support_tools::::::::`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:11.1.1.5.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.3:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector::::::::`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.5:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:all_supported_s:::::::*`	—

CVE-2022-1471

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 26 products

Product	Identifier	Version
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:12.2.1.3.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:9.1.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_console___12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_third_party___12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_console___12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_third_party___12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_console___14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:_third_party___14.1.1.0.0:::::::*`	—
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:14.1.1.0.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_enterprise_capture oracle	`cpe:2.3:a:oracle:webcenter_enterprise_capture:12.2.1.4.0:::::::*`	—
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:14.1.1.0.0:::::::*`	—

CVE-2023-4759

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Affected products

Known affected 10 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2023-35116

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 20 products

Product	Identifier	Version
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:::::::*`	—
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:14.1.1.0.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:12.2.1.3.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:14.1.1.0.0:::::::*`	—
webcenter_enterprise_capture oracle	`cpe:2.3:a:oracle:webcenter_enterprise_capture:12.2.1.4.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—

CVE-2023-39743

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—

CVE-2023-51775

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 18 products

Product	Identifier	Version
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:12.2.1.3.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:14.1.1.0.0:::::::*`	—
webcenter_enterprise_capture oracle	`cpe:2.3:a:oracle:webcenter_enterprise_capture:12.2.1.4.0:::::::*`	—
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:14.1.1.0.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—

CVE-2024-2511

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 10 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-6345

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-21190

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
global_lifecycle_management_fmw_installer oracle	`cpe:2.3:a:oracle:global_lifecycle_management_fmw_installer:12.2.1.4.0:::::::*`	—

CVE-2024-21191

7.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
enterprise_manager_fusion_middleware_control oracle	`cpe:2.3:a:oracle:enterprise_manager_fusion_middleware_control:12.2.1.4.0:::::::*`	—

CVE-2024-21192

CVE-2024-21205

CVE-2024-21215

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-21216

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—

CVE-2024-21234

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-21246

CVE-2024-21260

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-21274

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—

CVE-2024-22201

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 18 products

Product	Identifier	Version
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:12.2.1.3.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:14.1.1.0.0:::::::*`	—
webcenter_enterprise_capture oracle	`cpe:2.3:a:oracle:webcenter_enterprise_capture:12.2.1.4.0:::::::*`	—
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:14.1.1.0.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—

CVE-2024-22262

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 11 products

Product	Identifier	Version
webcenter_forms_recognition oracle	`cpe:2.3:a:oracle:webcenter_forms_recognition:14.1.1.0.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-23807

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 10 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-24549

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 18 products

Product	Identifier	Version
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.6:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
managed_file_transfer oracle	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`	—
identity_manager_connector oracle	`cpe:2.3:a:oracle:identity_manager_connector:12.2.1.3.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:14.1.1.0.0:::::::*`	—
webcenter_enterprise_capture oracle	`cpe:2.3:a:oracle:webcenter_enterprise_capture:12.2.1.4.0:::::::*`	—
weblogic_server_proxy_plug-in oracle	`cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:14.1.1.0.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—

CVE-2024-25269

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-401 - Missing Release of Memory after Effective Lifetime

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—

CVE-2024-28182

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 11 products

Product	Identifier	Version
http_server oracle	`cpe:2.3:a:oracle:http_server:14.1.1.0.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-28752

9.3 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 11 products

Product	Identifier	Version
webcenter_forms_recognition oracle	`cpe:2.3:a:oracle:webcenter_forms_recognition:14.1.1.0.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-29131

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-787 - Out-of-bounds Write

Affected products

Known affected 10 products

Product	Identifier	Version
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—
data_integrator oracle	`cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:::::::*`	—
http_server oracle	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`	—
middleware_common_libraries_and_tools oracle	`cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:::::::*`	—
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—
webcenter_content oracle	`cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:::::::*`	—
webcenter_portal oracle	`cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*`	—
webcenter_sites oracle	`cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*`	—
weblogic_server oracle	`cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*`	—

CVE-2024-36052

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—

CVE-2024-38999

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
business_process_management_suite oracle	`cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:::::::*`	—
business_activity_monitoring oracle	`cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:::::::*`	—

CVE-2024-45492

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
outside_in_technology oracle	`cpe:2.3:a:oracle:outside_in_technology:8.5.7:::::::*`	—

References

31 references

URL	Category
https://www.oracle.com/security-alerts/cpuoct2024.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in Fusion Middleware componenten, zoals WebLogic Server, WebCenter en HTTP Server.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens\n\nOmdat deze kwetsbaarheden zich bevinden in diverse Middleware producten, is niet uit te sluiten dat applicaties, draaiende op platformen ondersteund door deze middleware ook kwetsbaar zijn, danwel gevoelig voor misbruik van deze kwetsbaarheden.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer infomatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Sequential Memory Allocation",
        "title": "CWE-1325"
      },
      {
        "category": "general",
        "text": "Detection of Error Condition Without Action",
        "title": "CWE-390"
      },
      {
        "category": "general",
        "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
        "title": "CWE-59"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Missing Release of Memory after Effective Lifetime",
        "title": "CWE-401"
      },
      {
        "category": "general",
        "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
        "title": "CWE-94"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
        "url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Fusion Middleware",
    "tracking": {
      "current_release_date": "2024-10-17T13:19:16.185510Z",
      "id": "NCSC-2024-0417",
      "initial_release_date": "2024-10-17T13:19:16.185510Z",
      "revision_history": [
        {
          "date": "2024-10-17T13:19:16.185510Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "outside_in_technology",
            "product": {
              "name": "outside_in_technology",
              "product_id": "CSAFPID-292093",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "outside_in_technology",
            "product": {
              "name": "outside_in_technology",
              "product_id": "CSAFPID-1260",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:outside_in_technology:8.5.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "outside_in_technology",
            "product": {
              "name": "outside_in_technology",
              "product_id": "CSAFPID-912053",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:outside_in_technology:8.5.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server_proxy_plug-in",
            "product": {
              "name": "weblogic_server_proxy_plug-in",
              "product_id": "CSAFPID-199883",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server_proxy_plug-in",
            "product": {
              "name": "weblogic_server_proxy_plug-in",
              "product_id": "CSAFPID-951239",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server_proxy_plug-in:14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-764797",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:_console___12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-764799",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:_console___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-764801",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:_console___14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-764798",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:_third_party___12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-764800",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:_third_party___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-764802",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:_third_party___14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-113536",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-113521",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-3663",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-94310",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-3661",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-3660",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-1504444",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "weblogic_server",
            "product": {
              "name": "weblogic_server",
              "product_id": "CSAFPID-1973",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_content",
            "product": {
              "name": "webcenter_content",
              "product_id": "CSAFPID-389123",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_content:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_content",
            "product": {
              "name": "webcenter_content",
              "product_id": "CSAFPID-179795",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_enterprise_capture",
            "product": {
              "name": "webcenter_enterprise_capture",
              "product_id": "CSAFPID-912594",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_enterprise_capture:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_forms_recognition",
            "product": {
              "name": "webcenter_forms_recognition",
              "product_id": "CSAFPID-1673476",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_forms_recognition:14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_portal",
            "product": {
              "name": "webcenter_portal",
              "product_id": "CSAFPID-135359",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_portal",
            "product": {
              "name": "webcenter_portal",
              "product_id": "CSAFPID-45194",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_sites_support_tools",
            "product": {
              "name": "webcenter_sites_support_tools",
              "product_id": "CSAFPID-765268",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_sites_support_tools:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_sites",
            "product": {
              "name": "webcenter_sites",
              "product_id": "CSAFPID-9026",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_sites",
            "product": {
              "name": "webcenter_sites",
              "product_id": "CSAFPID-135354",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "webcenter_sites",
            "product": {
              "name": "webcenter_sites",
              "product_id": "CSAFPID-765390",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:webcenter_sites:all_supported_s:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "data_integrator",
            "product": {
              "name": "data_integrator",
              "product_id": "CSAFPID-204494",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "data_integrator",
            "product": {
              "name": "data_integrator",
              "product_id": "CSAFPID-204566",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_activity_monitoring__bam_",
            "product": {
              "name": "business_activity_monitoring__bam_",
              "product_id": "CSAFPID-764927",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_activity_monitoring__bam_",
            "product": {
              "name": "business_activity_monitoring__bam_",
              "product_id": "CSAFPID-764928",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_activity_monitoring__bam_:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_activity_monitoring",
            "product": {
              "name": "business_activity_monitoring",
              "product_id": "CSAFPID-228157",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_process_management_suite",
            "product": {
              "name": "business_process_management_suite",
              "product_id": "CSAFPID-9043",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_process_management_suite",
            "product": {
              "name": "business_process_management_suite",
              "product_id": "CSAFPID-9642",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "middleware_common_libraries_and_tools",
            "product": {
              "name": "middleware_common_libraries_and_tools",
              "product_id": "CSAFPID-94398",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "middleware_common_libraries_and_tools",
            "product": {
              "name": "middleware_common_libraries_and_tools",
              "product_id": "CSAFPID-94309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "middleware_common_libraries_and_tools",
            "product": {
              "name": "middleware_common_libraries_and_tools",
              "product_id": "CSAFPID-94393",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "enterprise_manager_fusion_middleware_control",
            "product": {
              "name": "enterprise_manager_fusion_middleware_control",
              "product_id": "CSAFPID-1673426",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:enterprise_manager_fusion_middleware_control:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "global_lifecycle_management_fmw_installer",
            "product": {
              "name": "global_lifecycle_management_fmw_installer",
              "product_id": "CSAFPID-1673425",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:global_lifecycle_management_fmw_installer:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "http_server",
            "product": {
              "name": "http_server",
              "product_id": "CSAFPID-93909",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "http_server",
            "product": {
              "name": "http_server",
              "product_id": "CSAFPID-40303",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "http_server",
            "product": {
              "name": "http_server",
              "product_id": "CSAFPID-912074",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:http_server:14.1.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "managed_file_transfer",
            "product": {
              "name": "managed_file_transfer",
              "product_id": "CSAFPID-204452",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "managed_file_transfer",
            "product": {
              "name": "managed_file_transfer",
              "product_id": "CSAFPID-204581",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "identity_manager_connector",
            "product": {
              "name": "identity_manager_connector",
              "product_id": "CSAFPID-765382",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:identity_manager_connector:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "identity_manager_connector",
            "product": {
              "name": "identity_manager_connector",
              "product_id": "CSAFPID-227776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:identity_manager_connector:11.1.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "identity_manager_connector",
            "product": {
              "name": "identity_manager_connector",
              "product_id": "CSAFPID-396523",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:identity_manager_connector:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "identity_manager_connector",
            "product": {
              "name": "identity_manager_connector",
              "product_id": "CSAFPID-204638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:identity_manager_connector:9.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "identity_manager_connector",
            "product": {
              "name": "identity_manager_connector",
              "product_id": "CSAFPID-765267",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:identity_manager_connector:9.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-11023",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1973",
          "CSAFPID-3660",
          "CSAFPID-135354",
          "CSAFPID-9026",
          "CSAFPID-3663",
          "CSAFPID-3661",
          "CSAFPID-94310",
          "CSAFPID-113521",
          "CSAFPID-113536",
          "CSAFPID-9642",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-204581",
          "CSAFPID-94309",
          "CSAFPID-1260",
          "CSAFPID-179795",
          "CSAFPID-45194",
          "CSAFPID-204494",
          "CSAFPID-93909",
          "CSAFPID-765267",
          "CSAFPID-204452",
          "CSAFPID-94398",
          "CSAFPID-389123",
          "CSAFPID-135359",
          "CSAFPID-765268"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-11023",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11023.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1973",
            "CSAFPID-3660",
            "CSAFPID-135354",
            "CSAFPID-9026",
            "CSAFPID-3663",
            "CSAFPID-3661",
            "CSAFPID-94310",
            "CSAFPID-113521",
            "CSAFPID-113536",
            "CSAFPID-9642",
            "CSAFPID-204566",
            "CSAFPID-40303",
            "CSAFPID-204581",
            "CSAFPID-94309",
            "CSAFPID-1260",
            "CSAFPID-179795",
            "CSAFPID-45194",
            "CSAFPID-204494",
            "CSAFPID-93909",
            "CSAFPID-765267",
            "CSAFPID-204452",
            "CSAFPID-94398",
            "CSAFPID-389123",
            "CSAFPID-135359",
            "CSAFPID-765268"
          ]
        }
      ],
      "title": "CVE-2020-11023"
    },
    {
      "cve": "CVE-2020-17521",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9642",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-396523",
          "CSAFPID-204638",
          "CSAFPID-94309",
          "CSAFPID-179795",
          "CSAFPID-135354",
          "CSAFPID-3660",
          "CSAFPID-1973",
          "CSAFPID-204581",
          "CSAFPID-1260",
          "CSAFPID-45194",
          "CSAFPID-764797",
          "CSAFPID-764798",
          "CSAFPID-3661",
          "CSAFPID-764799",
          "CSAFPID-764800",
          "CSAFPID-764801",
          "CSAFPID-764802",
          "CSAFPID-764927",
          "CSAFPID-764928",
          "CSAFPID-9043",
          "CSAFPID-93909",
          "CSAFPID-94398",
          "CSAFPID-389123",
          "CSAFPID-135359",
          "CSAFPID-9026",
          "CSAFPID-204494",
          "CSAFPID-765267",
          "CSAFPID-204452",
          "CSAFPID-765268",
          "CSAFPID-227776",
          "CSAFPID-94310",
          "CSAFPID-765382",
          "CSAFPID-292093",
          "CSAFPID-94393",
          "CSAFPID-765390"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-17521",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-17521.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9642",
            "CSAFPID-204566",
            "CSAFPID-40303",
            "CSAFPID-396523",
            "CSAFPID-204638",
            "CSAFPID-94309",
            "CSAFPID-179795",
            "CSAFPID-135354",
            "CSAFPID-3660",
            "CSAFPID-1973",
            "CSAFPID-204581",
            "CSAFPID-1260",
            "CSAFPID-45194",
            "CSAFPID-764797",
            "CSAFPID-764798",
            "CSAFPID-3661",
            "CSAFPID-764799",
            "CSAFPID-764800",
            "CSAFPID-764801",
            "CSAFPID-764802",
            "CSAFPID-764927",
            "CSAFPID-764928",
            "CSAFPID-9043",
            "CSAFPID-93909",
            "CSAFPID-94398",
            "CSAFPID-389123",
            "CSAFPID-135359",
            "CSAFPID-9026",
            "CSAFPID-204494",
            "CSAFPID-765267",
            "CSAFPID-204452",
            "CSAFPID-765268",
            "CSAFPID-227776",
            "CSAFPID-94310",
            "CSAFPID-765382",
            "CSAFPID-292093",
            "CSAFPID-94393",
            "CSAFPID-765390"
          ]
        }
      ],
      "title": "CVE-2020-17521"
    },
    {
      "cve": "CVE-2022-1471",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9642",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-204581",
          "CSAFPID-94309",
          "CSAFPID-1260",
          "CSAFPID-179795",
          "CSAFPID-45194",
          "CSAFPID-3661",
          "CSAFPID-3660",
          "CSAFPID-1973",
          "CSAFPID-396523",
          "CSAFPID-204638",
          "CSAFPID-135354",
          "CSAFPID-764797",
          "CSAFPID-764798",
          "CSAFPID-764799",
          "CSAFPID-764800",
          "CSAFPID-764801",
          "CSAFPID-764802",
          "CSAFPID-199883",
          "CSAFPID-912074",
          "CSAFPID-94393",
          "CSAFPID-912053",
          "CSAFPID-912594",
          "CSAFPID-951239"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-1471",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json"
        }
      ],
      "title": "CVE-2022-1471"
    },
    {
      "cve": "CVE-2023-4759",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
          "title": "CWE-59"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-179795",
          "CSAFPID-45194",
          "CSAFPID-135354",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4759",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-204566",
            "CSAFPID-40303",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-179795",
            "CSAFPID-45194",
            "CSAFPID-135354",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2023-4759"
    },
    {
      "cve": "CVE-2023-35116",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9642",
          "CSAFPID-40303",
          "CSAFPID-1260",
          "CSAFPID-45194",
          "CSAFPID-3661",
          "CSAFPID-3660",
          "CSAFPID-1973",
          "CSAFPID-199883",
          "CSAFPID-951239",
          "CSAFPID-94309",
          "CSAFPID-179795",
          "CSAFPID-204566",
          "CSAFPID-204581",
          "CSAFPID-94393",
          "CSAFPID-396523",
          "CSAFPID-912053",
          "CSAFPID-912074",
          "CSAFPID-912594",
          "CSAFPID-228157",
          "CSAFPID-135354"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-35116",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-35116.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9642",
            "CSAFPID-40303",
            "CSAFPID-1260",
            "CSAFPID-45194",
            "CSAFPID-3661",
            "CSAFPID-3660",
            "CSAFPID-1973",
            "CSAFPID-199883",
            "CSAFPID-951239",
            "CSAFPID-94309",
            "CSAFPID-179795",
            "CSAFPID-204566",
            "CSAFPID-204581",
            "CSAFPID-94393",
            "CSAFPID-396523",
            "CSAFPID-912053",
            "CSAFPID-912074",
            "CSAFPID-912594",
            "CSAFPID-228157",
            "CSAFPID-135354"
          ]
        }
      ],
      "title": "CVE-2023-35116"
    },
    {
      "cve": "CVE-2023-39743",
      "product_status": {
        "known_affected": [
          "CSAFPID-912053"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-39743",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39743.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912053"
          ]
        }
      ],
      "title": "CVE-2023-39743"
    },
    {
      "cve": "CVE-2023-51775",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1260",
          "CSAFPID-1973",
          "CSAFPID-3660",
          "CSAFPID-40303",
          "CSAFPID-45194",
          "CSAFPID-94309",
          "CSAFPID-94393",
          "CSAFPID-179795",
          "CSAFPID-199883",
          "CSAFPID-204566",
          "CSAFPID-204581",
          "CSAFPID-396523",
          "CSAFPID-912053",
          "CSAFPID-912074",
          "CSAFPID-912594",
          "CSAFPID-951239",
          "CSAFPID-228157",
          "CSAFPID-135354"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51775",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1260",
            "CSAFPID-1973",
            "CSAFPID-3660",
            "CSAFPID-40303",
            "CSAFPID-45194",
            "CSAFPID-94309",
            "CSAFPID-94393",
            "CSAFPID-179795",
            "CSAFPID-199883",
            "CSAFPID-204566",
            "CSAFPID-204581",
            "CSAFPID-396523",
            "CSAFPID-912053",
            "CSAFPID-912074",
            "CSAFPID-912594",
            "CSAFPID-951239",
            "CSAFPID-228157",
            "CSAFPID-135354"
          ]
        }
      ],
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2024-2511",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improperly Controlled Sequential Memory Allocation",
          "title": "CWE-1325"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-179795",
          "CSAFPID-45194",
          "CSAFPID-135354",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2511",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-204566",
            "CSAFPID-40303",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-179795",
            "CSAFPID-45194",
            "CSAFPID-135354",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-2511"
    },
    {
      "cve": "CVE-2024-6345",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6345",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6345.json"
        }
      ],
      "title": "CVE-2024-6345"
    },
    {
      "cve": "CVE-2024-21190",
      "product_status": {
        "known_affected": [
          "CSAFPID-1673425"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21190",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21190.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673425"
          ]
        }
      ],
      "title": "CVE-2024-21190"
    },
    {
      "cve": "CVE-2024-21191",
      "product_status": {
        "known_affected": [
          "CSAFPID-1673426"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21191",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21191.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673426"
          ]
        }
      ],
      "title": "CVE-2024-21191"
    },
    {
      "cve": "CVE-2024-21192",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21192",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21192.json"
        }
      ],
      "title": "CVE-2024-21192"
    },
    {
      "cve": "CVE-2024-21205",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21205",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21205.json"
        }
      ],
      "title": "CVE-2024-21205"
    },
    {
      "cve": "CVE-2024-21215",
      "product_status": {
        "known_affected": [
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21215",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21215.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-21215"
    },
    {
      "cve": "CVE-2024-21216",
      "product_status": {
        "known_affected": [
          "CSAFPID-1973",
          "CSAFPID-3660"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21216",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21216.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1973",
            "CSAFPID-3660"
          ]
        }
      ],
      "title": "CVE-2024-21216"
    },
    {
      "cve": "CVE-2024-21234",
      "product_status": {
        "known_affected": [
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21234",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21234.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-21234"
    },
    {
      "cve": "CVE-2024-21246",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21246",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21246.json"
        }
      ],
      "title": "CVE-2024-21246"
    },
    {
      "cve": "CVE-2024-21260",
      "product_status": {
        "known_affected": [
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21260",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21260.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-21260"
    },
    {
      "cve": "CVE-2024-21274",
      "product_status": {
        "known_affected": [
          "CSAFPID-1973",
          "CSAFPID-3660"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21274",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21274.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1973",
            "CSAFPID-3660"
          ]
        }
      ],
      "title": "CVE-2024-21274"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-199883",
          "CSAFPID-1260",
          "CSAFPID-1973",
          "CSAFPID-3660",
          "CSAFPID-40303",
          "CSAFPID-45194",
          "CSAFPID-94309",
          "CSAFPID-94393",
          "CSAFPID-179795",
          "CSAFPID-204566",
          "CSAFPID-204581",
          "CSAFPID-396523",
          "CSAFPID-912053",
          "CSAFPID-912074",
          "CSAFPID-912594",
          "CSAFPID-951239",
          "CSAFPID-228157",
          "CSAFPID-135354"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-199883",
            "CSAFPID-1260",
            "CSAFPID-1973",
            "CSAFPID-3660",
            "CSAFPID-40303",
            "CSAFPID-45194",
            "CSAFPID-94309",
            "CSAFPID-94393",
            "CSAFPID-179795",
            "CSAFPID-204566",
            "CSAFPID-204581",
            "CSAFPID-396523",
            "CSAFPID-912053",
            "CSAFPID-912074",
            "CSAFPID-912594",
            "CSAFPID-951239",
            "CSAFPID-228157",
            "CSAFPID-135354"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22262",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673476",
          "CSAFPID-228157",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-179795",
          "CSAFPID-45194",
          "CSAFPID-135354",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22262",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673476",
            "CSAFPID-228157",
            "CSAFPID-204566",
            "CSAFPID-40303",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-179795",
            "CSAFPID-45194",
            "CSAFPID-135354",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23807",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-179795",
          "CSAFPID-45194",
          "CSAFPID-135354",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23807",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-204566",
            "CSAFPID-40303",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-179795",
            "CSAFPID-45194",
            "CSAFPID-135354",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-199883",
          "CSAFPID-1260",
          "CSAFPID-1973",
          "CSAFPID-3660",
          "CSAFPID-40303",
          "CSAFPID-45194",
          "CSAFPID-94309",
          "CSAFPID-94393",
          "CSAFPID-179795",
          "CSAFPID-204566",
          "CSAFPID-204581",
          "CSAFPID-396523",
          "CSAFPID-912053",
          "CSAFPID-912074",
          "CSAFPID-912594",
          "CSAFPID-951239",
          "CSAFPID-228157",
          "CSAFPID-135354"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-199883",
            "CSAFPID-1260",
            "CSAFPID-1973",
            "CSAFPID-3660",
            "CSAFPID-40303",
            "CSAFPID-45194",
            "CSAFPID-94309",
            "CSAFPID-94393",
            "CSAFPID-179795",
            "CSAFPID-204566",
            "CSAFPID-204581",
            "CSAFPID-396523",
            "CSAFPID-912053",
            "CSAFPID-912074",
            "CSAFPID-912594",
            "CSAFPID-951239",
            "CSAFPID-228157",
            "CSAFPID-135354"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-25269",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Memory after Effective Lifetime",
          "title": "CWE-401"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912053"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25269",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25269.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912053"
          ]
        }
      ],
      "title": "CVE-2024-25269"
    },
    {
      "cve": "CVE-2024-28182",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Detection of Error Condition Without Action",
          "title": "CWE-390"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912074",
          "CSAFPID-228157",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-179795",
          "CSAFPID-45194",
          "CSAFPID-135354",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28182",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912074",
            "CSAFPID-228157",
            "CSAFPID-204566",
            "CSAFPID-40303",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-179795",
            "CSAFPID-45194",
            "CSAFPID-135354",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28752",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673476",
          "CSAFPID-228157",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-179795",
          "CSAFPID-45194",
          "CSAFPID-135354",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28752",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28752.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673476",
            "CSAFPID-228157",
            "CSAFPID-204566",
            "CSAFPID-40303",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-179795",
            "CSAFPID-45194",
            "CSAFPID-135354",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-28752"
    },
    {
      "cve": "CVE-2024-29131",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-228157",
          "CSAFPID-204566",
          "CSAFPID-40303",
          "CSAFPID-94309",
          "CSAFPID-912053",
          "CSAFPID-179795",
          "CSAFPID-45194",
          "CSAFPID-135354",
          "CSAFPID-3660",
          "CSAFPID-1973"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29131",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-228157",
            "CSAFPID-204566",
            "CSAFPID-40303",
            "CSAFPID-94309",
            "CSAFPID-912053",
            "CSAFPID-179795",
            "CSAFPID-45194",
            "CSAFPID-135354",
            "CSAFPID-3660",
            "CSAFPID-1973"
          ]
        }
      ],
      "title": "CVE-2024-29131"
    },
    {
      "cve": "CVE-2024-36052",
      "product_status": {
        "known_affected": [
          "CSAFPID-912053"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36052",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36052.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912053"
          ]
        }
      ],
      "title": "CVE-2024-36052"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9642",
          "CSAFPID-228157"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9642",
            "CSAFPID-228157"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-45492",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912053"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912053"
          ]
        }
      ],
      "title": "CVE-2024-45492"
    }
  ]
}

OPENSUSE-SU-2024:13724-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

jetty-annotations-9.4.54-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: jetty-annotations-9.4.54-1.1 on GA media

Description of the patch: These are all security issues fixed in the jetty-annotations-9.4.54-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-13724

CVE-2024-22201

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 116 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.x86_64	—	Vendor Fix

Threats

Impact important

References

5 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2024-22201/	self
https://www.suse.com/security/cve/CVE-2024-22201	external
https://bugzilla.suse.com/1220437	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "jetty-annotations-9.4.54-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the jetty-annotations-9.4.54-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-13724",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13724-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-22201 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-22201/"
      }
    ],
    "title": "jetty-annotations-9.4.54-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:13724-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jetty-annotations-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-annotations-9.4.54-1.1.aarch64",
                  "product_id": "jetty-annotations-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-ant-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-ant-9.4.54-1.1.aarch64",
                  "product_id": "jetty-ant-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-cdi-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-cdi-9.4.54-1.1.aarch64",
                  "product_id": "jetty-cdi-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-client-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-client-9.4.54-1.1.aarch64",
                  "product_id": "jetty-client-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-continuation-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-continuation-9.4.54-1.1.aarch64",
                  "product_id": "jetty-continuation-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-deploy-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-deploy-9.4.54-1.1.aarch64",
                  "product_id": "jetty-deploy-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-fcgi-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-fcgi-9.4.54-1.1.aarch64",
                  "product_id": "jetty-fcgi-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-http-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-http-9.4.54-1.1.aarch64",
                  "product_id": "jetty-http-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-http-spi-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-http-spi-9.4.54-1.1.aarch64",
                  "product_id": "jetty-http-spi-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-io-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-io-9.4.54-1.1.aarch64",
                  "product_id": "jetty-io-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jaas-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-jaas-9.4.54-1.1.aarch64",
                  "product_id": "jetty-jaas-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jmx-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-jmx-9.4.54-1.1.aarch64",
                  "product_id": "jetty-jmx-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jndi-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-jndi-9.4.54-1.1.aarch64",
                  "product_id": "jetty-jndi-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jsp-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-jsp-9.4.54-1.1.aarch64",
                  "product_id": "jetty-jsp-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-minimal-javadoc-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-minimal-javadoc-9.4.54-1.1.aarch64",
                  "product_id": "jetty-minimal-javadoc-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-openid-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-openid-9.4.54-1.1.aarch64",
                  "product_id": "jetty-openid-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-plus-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-plus-9.4.54-1.1.aarch64",
                  "product_id": "jetty-plus-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-proxy-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-proxy-9.4.54-1.1.aarch64",
                  "product_id": "jetty-proxy-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-quickstart-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-quickstart-9.4.54-1.1.aarch64",
                  "product_id": "jetty-quickstart-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-rewrite-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-rewrite-9.4.54-1.1.aarch64",
                  "product_id": "jetty-rewrite-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-security-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-security-9.4.54-1.1.aarch64",
                  "product_id": "jetty-security-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-server-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-server-9.4.54-1.1.aarch64",
                  "product_id": "jetty-server-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-servlet-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-servlet-9.4.54-1.1.aarch64",
                  "product_id": "jetty-servlet-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-servlets-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-servlets-9.4.54-1.1.aarch64",
                  "product_id": "jetty-servlets-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-start-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-start-9.4.54-1.1.aarch64",
                  "product_id": "jetty-start-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-util-9.4.54-1.1.aarch64",
                  "product_id": "jetty-util-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-ajax-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-util-ajax-9.4.54-1.1.aarch64",
                  "product_id": "jetty-util-ajax-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-webapp-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-webapp-9.4.54-1.1.aarch64",
                  "product_id": "jetty-webapp-9.4.54-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-xml-9.4.54-1.1.aarch64",
                "product": {
                  "name": "jetty-xml-9.4.54-1.1.aarch64",
                  "product_id": "jetty-xml-9.4.54-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jetty-annotations-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-annotations-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-annotations-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-ant-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-ant-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-ant-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-cdi-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-cdi-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-cdi-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-client-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-client-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-client-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-continuation-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-continuation-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-continuation-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-deploy-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-deploy-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-deploy-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-fcgi-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-fcgi-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-fcgi-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-http-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-http-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-http-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-http-spi-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-http-spi-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-http-spi-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-io-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-io-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-io-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jaas-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-jaas-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-jaas-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jmx-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-jmx-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-jmx-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jndi-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-jndi-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-jndi-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jsp-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-jsp-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-jsp-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-minimal-javadoc-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-minimal-javadoc-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-minimal-javadoc-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-openid-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-openid-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-openid-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-plus-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-plus-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-plus-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-proxy-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-proxy-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-proxy-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-quickstart-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-quickstart-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-quickstart-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-rewrite-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-rewrite-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-rewrite-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-security-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-security-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-security-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-server-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-server-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-server-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-servlet-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-servlet-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-servlet-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-servlets-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-servlets-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-servlets-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-start-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-start-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-start-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-util-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-util-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-ajax-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-util-ajax-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-util-ajax-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-webapp-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-webapp-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-webapp-9.4.54-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-xml-9.4.54-1.1.ppc64le",
                "product": {
                  "name": "jetty-xml-9.4.54-1.1.ppc64le",
                  "product_id": "jetty-xml-9.4.54-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jetty-annotations-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-annotations-9.4.54-1.1.s390x",
                  "product_id": "jetty-annotations-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-ant-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-ant-9.4.54-1.1.s390x",
                  "product_id": "jetty-ant-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-cdi-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-cdi-9.4.54-1.1.s390x",
                  "product_id": "jetty-cdi-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-client-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-client-9.4.54-1.1.s390x",
                  "product_id": "jetty-client-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-continuation-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-continuation-9.4.54-1.1.s390x",
                  "product_id": "jetty-continuation-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-deploy-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-deploy-9.4.54-1.1.s390x",
                  "product_id": "jetty-deploy-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-fcgi-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-fcgi-9.4.54-1.1.s390x",
                  "product_id": "jetty-fcgi-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-http-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-http-9.4.54-1.1.s390x",
                  "product_id": "jetty-http-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-http-spi-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-http-spi-9.4.54-1.1.s390x",
                  "product_id": "jetty-http-spi-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-io-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-io-9.4.54-1.1.s390x",
                  "product_id": "jetty-io-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jaas-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-jaas-9.4.54-1.1.s390x",
                  "product_id": "jetty-jaas-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jmx-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-jmx-9.4.54-1.1.s390x",
                  "product_id": "jetty-jmx-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jndi-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-jndi-9.4.54-1.1.s390x",
                  "product_id": "jetty-jndi-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jsp-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-jsp-9.4.54-1.1.s390x",
                  "product_id": "jetty-jsp-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-minimal-javadoc-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-minimal-javadoc-9.4.54-1.1.s390x",
                  "product_id": "jetty-minimal-javadoc-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-openid-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-openid-9.4.54-1.1.s390x",
                  "product_id": "jetty-openid-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-plus-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-plus-9.4.54-1.1.s390x",
                  "product_id": "jetty-plus-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-proxy-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-proxy-9.4.54-1.1.s390x",
                  "product_id": "jetty-proxy-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-quickstart-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-quickstart-9.4.54-1.1.s390x",
                  "product_id": "jetty-quickstart-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-rewrite-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-rewrite-9.4.54-1.1.s390x",
                  "product_id": "jetty-rewrite-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-security-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-security-9.4.54-1.1.s390x",
                  "product_id": "jetty-security-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-server-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-server-9.4.54-1.1.s390x",
                  "product_id": "jetty-server-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-servlet-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-servlet-9.4.54-1.1.s390x",
                  "product_id": "jetty-servlet-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-servlets-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-servlets-9.4.54-1.1.s390x",
                  "product_id": "jetty-servlets-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-start-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-start-9.4.54-1.1.s390x",
                  "product_id": "jetty-start-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-util-9.4.54-1.1.s390x",
                  "product_id": "jetty-util-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-ajax-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-util-ajax-9.4.54-1.1.s390x",
                  "product_id": "jetty-util-ajax-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-webapp-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-webapp-9.4.54-1.1.s390x",
                  "product_id": "jetty-webapp-9.4.54-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-xml-9.4.54-1.1.s390x",
                "product": {
                  "name": "jetty-xml-9.4.54-1.1.s390x",
                  "product_id": "jetty-xml-9.4.54-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jetty-annotations-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-annotations-9.4.54-1.1.x86_64",
                  "product_id": "jetty-annotations-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-ant-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-ant-9.4.54-1.1.x86_64",
                  "product_id": "jetty-ant-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-cdi-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-cdi-9.4.54-1.1.x86_64",
                  "product_id": "jetty-cdi-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-client-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-client-9.4.54-1.1.x86_64",
                  "product_id": "jetty-client-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-continuation-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-continuation-9.4.54-1.1.x86_64",
                  "product_id": "jetty-continuation-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-deploy-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-deploy-9.4.54-1.1.x86_64",
                  "product_id": "jetty-deploy-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-fcgi-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-fcgi-9.4.54-1.1.x86_64",
                  "product_id": "jetty-fcgi-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-http-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-http-9.4.54-1.1.x86_64",
                  "product_id": "jetty-http-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-http-spi-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-http-spi-9.4.54-1.1.x86_64",
                  "product_id": "jetty-http-spi-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-io-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-io-9.4.54-1.1.x86_64",
                  "product_id": "jetty-io-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jaas-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-jaas-9.4.54-1.1.x86_64",
                  "product_id": "jetty-jaas-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jmx-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-jmx-9.4.54-1.1.x86_64",
                  "product_id": "jetty-jmx-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jndi-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-jndi-9.4.54-1.1.x86_64",
                  "product_id": "jetty-jndi-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jsp-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-jsp-9.4.54-1.1.x86_64",
                  "product_id": "jetty-jsp-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-minimal-javadoc-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-minimal-javadoc-9.4.54-1.1.x86_64",
                  "product_id": "jetty-minimal-javadoc-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-openid-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-openid-9.4.54-1.1.x86_64",
                  "product_id": "jetty-openid-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-plus-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-plus-9.4.54-1.1.x86_64",
                  "product_id": "jetty-plus-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-proxy-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-proxy-9.4.54-1.1.x86_64",
                  "product_id": "jetty-proxy-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-quickstart-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-quickstart-9.4.54-1.1.x86_64",
                  "product_id": "jetty-quickstart-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-rewrite-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-rewrite-9.4.54-1.1.x86_64",
                  "product_id": "jetty-rewrite-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-security-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-security-9.4.54-1.1.x86_64",
                  "product_id": "jetty-security-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-server-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-server-9.4.54-1.1.x86_64",
                  "product_id": "jetty-server-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-servlet-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-servlet-9.4.54-1.1.x86_64",
                  "product_id": "jetty-servlet-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-servlets-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-servlets-9.4.54-1.1.x86_64",
                  "product_id": "jetty-servlets-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-start-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-start-9.4.54-1.1.x86_64",
                  "product_id": "jetty-start-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-util-9.4.54-1.1.x86_64",
                  "product_id": "jetty-util-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-ajax-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-util-ajax-9.4.54-1.1.x86_64",
                  "product_id": "jetty-util-ajax-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-webapp-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-webapp-9.4.54-1.1.x86_64",
                  "product_id": "jetty-webapp-9.4.54-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-xml-9.4.54-1.1.x86_64",
                "product": {
                  "name": "jetty-xml-9.4.54-1.1.x86_64",
                  "product_id": "jetty-xml-9.4.54-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-annotations-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-annotations-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-annotations-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-annotations-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-annotations-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-annotations-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-annotations-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-annotations-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-ant-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-ant-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-ant-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-ant-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-ant-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-ant-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-ant-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-ant-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-cdi-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-cdi-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-cdi-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-cdi-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-cdi-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-cdi-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-cdi-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-cdi-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-client-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-client-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-client-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-client-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-client-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-client-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-client-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-client-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-continuation-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-continuation-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-continuation-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-continuation-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-continuation-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-continuation-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-continuation-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-continuation-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-deploy-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-deploy-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-deploy-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-deploy-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-deploy-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-deploy-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-deploy-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-deploy-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-fcgi-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-fcgi-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-fcgi-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-fcgi-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-fcgi-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-fcgi-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-fcgi-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-fcgi-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-http-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-http-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-http-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-http-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-http-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-http-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-http-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-http-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-http-spi-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-http-spi-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-http-spi-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-http-spi-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-http-spi-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-http-spi-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-http-spi-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-http-spi-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-io-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-io-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-io-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-io-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-io-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-io-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-io-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-io-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jaas-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-jaas-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jaas-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-jaas-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jaas-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-jaas-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jaas-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-jaas-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jmx-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-jmx-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jmx-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-jmx-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jmx-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-jmx-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jmx-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-jmx-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jndi-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-jndi-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jndi-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-jndi-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jndi-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-jndi-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jndi-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-jndi-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jsp-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-jsp-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jsp-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-jsp-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jsp-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-jsp-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-jsp-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-jsp-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-minimal-javadoc-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-minimal-javadoc-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-minimal-javadoc-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-minimal-javadoc-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-minimal-javadoc-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-minimal-javadoc-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-minimal-javadoc-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-minimal-javadoc-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-openid-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-openid-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-openid-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-openid-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-openid-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-openid-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-openid-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-openid-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-plus-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-plus-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-plus-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-plus-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-plus-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-plus-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-plus-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-plus-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-proxy-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-proxy-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-proxy-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-proxy-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-proxy-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-proxy-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-proxy-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-proxy-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-quickstart-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-quickstart-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-quickstart-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-quickstart-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-quickstart-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-quickstart-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-quickstart-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-quickstart-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-rewrite-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-rewrite-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-rewrite-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-rewrite-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-rewrite-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-rewrite-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-rewrite-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-rewrite-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-security-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-security-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-security-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-security-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-security-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-security-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-security-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-security-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-server-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-server-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-server-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-server-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-server-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-server-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-server-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-server-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-servlet-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-servlet-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-servlet-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-servlet-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-servlet-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-servlet-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-servlet-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-servlet-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-servlets-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-servlets-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-servlets-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-servlets-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-servlets-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-servlets-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-servlets-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-servlets-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-start-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-start-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-start-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-start-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-start-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-start-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-start-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-start-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-util-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-util-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-util-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-util-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-ajax-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-util-ajax-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-ajax-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-util-ajax-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-ajax-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-util-ajax-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-ajax-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-util-ajax-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-webapp-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-webapp-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-webapp-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-webapp-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-webapp-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-webapp-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-webapp-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-webapp-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-xml-9.4.54-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.aarch64"
        },
        "product_reference": "jetty-xml-9.4.54-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-xml-9.4.54-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.ppc64le"
        },
        "product_reference": "jetty-xml-9.4.54-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-xml-9.4.54-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.s390x"
        },
        "product_reference": "jetty-xml-9.4.54-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-xml-9.4.54-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.x86_64"
        },
        "product_reference": "jetty-xml-9.4.54-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-22201",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-22201"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Jetty is a Java based web server and servlet engine. An HTTP/2 SSL connection that is established and TCP congested will be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients. The vulnerability is patched in 9.4.54, 10.0.20, 11.0.20, and 12.0.6.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.x86_64",
          "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.aarch64",
          "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.ppc64le",
          "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.s390x",
          "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-22201",
          "url": "https://www.suse.com/security/cve/CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220437 for CVE-2024-22201",
          "url": "https://bugzilla.suse.com/1220437"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-annotations-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-ant-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-cdi-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-client-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-continuation-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-deploy-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-fcgi-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-http-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-http-spi-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-io-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-jaas-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-jmx-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-jndi-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-jsp-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-openid-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-plus-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-proxy-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-quickstart-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-rewrite-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-security-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-server-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-servlet-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-servlets-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-start-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-util-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-util-ajax-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-webapp-9.4.54-1.1.x86_64",
            "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.aarch64",
            "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.ppc64le",
            "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.s390x",
            "openSUSE Tumbleweed:jetty-xml-9.4.54-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-22201"
    }
  ]
}

RHSA-2024:3634

Vulnerability from csaf_redhat - Published: 2024-06-05 14:47 - Updated: 2026-06-03 17:03

Summary

Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 OpenShift Jenkins security update

Severity

Important

Notes

Topic: An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Jenkins is a continuous integration server that monitors the execution of recurring jobs, such as software builds or cron jobs. Security fixes: * jenkins-2-plugins: Git-server plugin has an arbitrary file read vulnerability (CVE-2024-23899) * jenkins-plugin/script-security: Sandbox bypass occurs via crafted constructor bodies (CVE-2024-34144) * jenkins-plugin/script-security: Sandbox bypass occurs via sandbox-defined classes (CVE-2024-34145) * jenkins-2-plugins: HTML Publisher plugin has improper input sanitization (CVE-2024-28149) * jetty: Stops accepting new connections from valid clients (CVE-2024-22201) * SSH: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795) * golang-protobuf: Unmarshaling certain forms of invalid JSON in the protojson.Unmarshal function causes an infinite loop in the encoding/protojson and internal/encoding/json packages of Golang-protobuf (CVE-2024-24786) * jenkins-2-plugins: Matrix-project plugin has a path traversal vulnerability (CVE-2024-23900) For more details about these security issues, including their impact, CVSS scores, acknowledgments, and other related information, refer to the CVE page listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2023-48795

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-222 - Truncation of Security-relevant Information

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-22201

A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-23899

A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server's file system.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-23900

A flaw was found in The Matrix Project Plugin for Jenkins, which does not sanitize user-defined axis names of multi-configuration projects submitted through the config.xml REST API endpoint. This issue may allow attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system with content not controllable by the attackers.

4.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

CWE-23 - Relative Path Traversal

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2024-24786

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-28149

A flaw was found in jenkins-2-plugins. In the HTML Publisher Plugin 1.16 through 1.32, fallback for reports created in HTML Publisher Plugin 1.15 and earlier does not properly sanitize input. This can allow attackers with Item/Configure permissions to implement stored cross-site scripting (XSS) attacks and determine whether a path on the Jenkins controller file system exists, without being able to access it.

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-34144

A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin involving crafted constructor bodies, enabling the circumvention of security restrictions. With crafted constructor bodies, this flaw allows authenticated attackers to define and execute sandboxed scripts, including Pipelines, bypassing sandbox protection mechanisms and executing arbitrary code within the context of the Jenkins controller JVM. The Script Security Plugin features a sandbox functionality designed to enable users with limited privileges to create scripts, including Pipelines, which are generally safe for execution. This security mechanism intercepts calls within sandboxed scripts, referencing various allowlists to decide whether these calls should be permitted. The vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include: - Exploiting crafted constructor bodies that trigger other constructors, thereby allowing the construction of any subclassable type through implicit casts. - Utilizing Groovy classes defined within the sandbox that overshadow certain non-sandboxed classes, facilitating the creation of any subclassable type. These vulnerabilities enable attackers, who have the permission to create and execute sandboxed scripts including Pipelines, to circumvent sandbox protections and execute arbitrary code within the context of the Jenkins controller JVM. The fixed version of this script incorporates enhanced restrictions and sanity checks. These improvements ensure that calls to super constructors are intercepted by the sandbox, including: - Ensuring that calls to other constructors via 'this' are now appropriately managed within the sandbox. - No longer overlooking classes in packages that may be overshadowed by Groovy-defined classes when intercepting super constructor calls.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-693 - Protection Mechanism Failure

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-34145

A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin within the sandbox-defined classes, enabling the circumvention of security restrictions. This flaw allows authenticated attackers to define and execute sandboxed scripts, including Pipelines, bypassing sandbox protection mechanisms and executing arbitrary code within the context of the Jenkins controller JVM. The Script Security Plugin features a sandbox functionality designed to enable users with limited privileges to create scripts, including Pipelines, which are generally safe for execution. This security mechanism intercepts calls within sandboxed scripts, referencing various allowlists to decide whether these calls should be permitted. The vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include: - Exploiting crafted constructor bodies that trigger other constructors, thereby allowing the construction of any subclassable type through implicit casts. - Utilizing Groovy classes defined within the sandbox that overshadow certain non-sandboxed classes, facilitating the creation of any subclassable type. These vulnerabilities enable attackers, who have the permission to create and execute sandboxed scripts including Pipelines, to circumvent sandbox protections and execute arbitrary code within the context of the Jenkins controller JVM. The fixed version of this script incorporates enhanced restrictions and sanity checks. These improvements ensure that calls to super constructors are intercepted by the sandbox, including: - Ensuring that calls to other constructors via 'this' are now appropriately managed within the sandbox. - No longer overlooking classes in packages that may be overshadowed by Groovy-defined classes when intercepting super constructor calls.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-693 - Protection Mechanism Failure

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

References

56 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:3634	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2254210	external
https://bugzilla.redhat.com/show_bug.cgi?id=2260183	external
https://bugzilla.redhat.com/show_bug.cgi?id=2260184	external
https://bugzilla.redhat.com/show_bug.cgi?id=2266136	external
https://bugzilla.redhat.com/show_bug.cgi?id=2268046	external
https://bugzilla.redhat.com/show_bug.cgi?id=2268227	external
https://bugzilla.redhat.com/show_bug.cgi?id=2278820	external
https://bugzilla.redhat.com/show_bug.cgi?id=2278821	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2023-48795	self
https://bugzilla.redhat.com/show_bug.cgi?id=2254210	external
https://www.cve.org/CVERecord?id=CVE-2023-48795	external
https://nvd.nist.gov/vuln/detail/CVE-2023-48795	external
https://access.redhat.com/solutions/7071748	external
https://terrapin-attack.com/	external
https://access.redhat.com/security/cve/CVE-2024-22201	self
https://bugzilla.redhat.com/show_bug.cgi?id=2266136	external
https://www.cve.org/CVERecord?id=CVE-2024-22201	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22201	external
https://github.com/jetty/jetty.project/issues/11256	external
https://github.com/jetty/jetty.project/security/a…	external
https://access.redhat.com/security/cve/CVE-2024-23899	self
https://bugzilla.redhat.com/show_bug.cgi?id=2260183	external
https://www.cve.org/CVERecord?id=CVE-2024-23899	external
https://nvd.nist.gov/vuln/detail/CVE-2024-23899	external
http://www.openwall.com/lists/oss-security/2024/01/24/6	external
https://www.jenkins.io/security/advisory/2024-01-…	external
https://access.redhat.com/security/cve/CVE-2024-23900	self
https://bugzilla.redhat.com/show_bug.cgi?id=2260184	external
https://www.cve.org/CVERecord?id=CVE-2024-23900	external
https://nvd.nist.gov/vuln/detail/CVE-2024-23900	external
https://www.jenkins.io/security/advisory/2024-01-…	external
https://access.redhat.com/security/cve/CVE-2024-24786	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268046	external
https://www.cve.org/CVERecord?id=CVE-2024-24786	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24786	external
https://go.dev/cl/569356	external
https://groups.google.com/g/golang-announce/c/ArQ…	external
https://pkg.go.dev/vuln/GO-2024-2611	external
https://access.redhat.com/security/cve/CVE-2024-28149	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268227	external
https://www.cve.org/CVERecord?id=CVE-2024-28149	external
https://nvd.nist.gov/vuln/detail/CVE-2024-28149	external
https://www.jenkins.io/security/advisory/2024-03-…	external
https://access.redhat.com/security/cve/CVE-2024-34144	self
https://bugzilla.redhat.com/show_bug.cgi?id=2278820	external
https://www.cve.org/CVERecord?id=CVE-2024-34144	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34144	external
http://www.openwall.com/lists/oss-security/2024/05/02/3	external
https://www.jenkins.io/security/advisory/2024-05-…	external
https://access.redhat.com/security/cve/CVE-2024-34145	self
https://bugzilla.redhat.com/show_bug.cgi?id=2278821	external
https://www.cve.org/CVERecord?id=CVE-2024-34145	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34145	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Jenkins is a continuous integration server that monitors the execution of\nrecurring jobs, such as software builds or cron jobs.\n\nSecurity fixes:\n\n* jenkins-2-plugins: Git-server plugin has an arbitrary file read\nvulnerability (CVE-2024-23899)\n\n* jenkins-plugin/script-security: Sandbox bypass occurs via crafted\nconstructor bodies (CVE-2024-34144)\n\n* jenkins-plugin/script-security: Sandbox bypass occurs via sandbox-defined\nclasses (CVE-2024-34145)\n\n* jenkins-2-plugins: HTML Publisher plugin has improper input sanitization\n(CVE-2024-28149)\n\n* jetty: Stops accepting new connections from valid clients\n(CVE-2024-22201)\n\n* SSH: Prefix truncation attack on Binary Packet Protocol (BPP)\n(CVE-2023-48795)\n\n* golang-protobuf: Unmarshaling certain forms of invalid JSON in the\nprotojson.Unmarshal function causes an infinite loop in the\nencoding/protojson and internal/encoding/json packages of Golang-protobuf\n(CVE-2024-24786)\n\n* jenkins-2-plugins: Matrix-project plugin has a path traversal\nvulnerability (CVE-2024-23900)\n\nFor more details about these security issues, including their impact, CVSS\nscores, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3634",
        "url": "https://access.redhat.com/errata/RHSA-2024:3634"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2254210",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
      },
      {
        "category": "external",
        "summary": "2260183",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260183"
      },
      {
        "category": "external",
        "summary": "2260184",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260184"
      },
      {
        "category": "external",
        "summary": "2266136",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
      },
      {
        "category": "external",
        "summary": "2268046",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
      },
      {
        "category": "external",
        "summary": "2268227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268227"
      },
      {
        "category": "external",
        "summary": "2278820",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278820"
      },
      {
        "category": "external",
        "summary": "2278821",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278821"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3634.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 OpenShift Jenkins security update",
    "tracking": {
      "current_release_date": "2026-06-03T17:03:59+00:00",
      "generator": {
        "date": "2026-06-03T17:03:59+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2024:3634",
      "initial_release_date": "2024-06-05T14:47:02+00:00",
      "revision_history": [
        {
          "date": "2024-06-05T14:47:02+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-06-05T14:47:02+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-03T17:03:59+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OpenShift Developer Tools and Services for OCP 4.14",
                "product": {
                  "name": "OpenShift Developer Tools and Services for OCP 4.14",
                  "product_id": "8Base-OCP-Tools-4.14",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ocp_tools:4.14::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "OpenShift Developer Tools and Services"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jenkins-0:2.440.3.1716387933-3.el8.src",
                "product": {
                  "name": "jenkins-0:2.440.3.1716387933-3.el8.src",
                  "product_id": "jenkins-0:2.440.3.1716387933-3.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.440.3.1716387933-3.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:4.14.1716388016-1.el8.src",
                "product": {
                  "name": "jenkins-2-plugins-0:4.14.1716388016-1.el8.src",
                  "product_id": "jenkins-2-plugins-0:4.14.1716388016-1.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1716388016-1.el8?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jenkins-0:2.440.3.1716387933-3.el8.noarch",
                "product": {
                  "name": "jenkins-0:2.440.3.1716387933-3.el8.noarch",
                  "product_id": "jenkins-0:2.440.3.1716387933-3.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.440.3.1716387933-3.el8?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
                "product": {
                  "name": "jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
                  "product_id": "jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.14.1716388016-1.el8?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.440.3.1716387933-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
          "product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch"
        },
        "product_reference": "jenkins-0:2.440.3.1716387933-3.el8.noarch",
        "relates_to_product_reference": "8Base-OCP-Tools-4.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.440.3.1716387933-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
          "product_id": "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src"
        },
        "product_reference": "jenkins-0:2.440.3.1716387933-3.el8.src",
        "relates_to_product_reference": "8Base-OCP-Tools-4.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.14",
          "product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch"
        },
        "product_reference": "jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
        "relates_to_product_reference": "8Base-OCP-Tools-4.14"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:4.14.1716388016-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.14",
          "product_id": "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
        },
        "product_reference": "jenkins-2-plugins-0:4.14.1716388016-1.el8.src",
        "relates_to_product_reference": "8Base-OCP-Tools-4.14"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "discovery_date": "2023-12-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254210"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254210",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7071748",
          "url": "https://access.redhat.com/solutions/7071748"
        },
        {
          "category": "external",
          "summary": "https://terrapin-attack.com/",
          "url": "https://terrapin-attack.com/"
        }
      ],
      "release_date": "2023-12-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3634"
        },
        {
          "category": "workaround",
          "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-02-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2266136"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jetty: stop accepting new connections from valid clients",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The issue in Jetty where HTTP/2 connections can enter a congested, idle state and potentially exhaust server file descriptors represents a moderate severity due to its impact on system resources and service availability. While the vulnerability requires the deliberate creation of numerous congested connections by an attacker, its exploitation can lead to denial-of-service conditions by consuming all available file descriptors. This scenario could disrupt legitimate client connections and impair server responsiveness.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2266136",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/issues/11256",
          "url": "https://github.com/jetty/jetty.project/issues/11256"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
        }
      ],
      "release_date": "2024-02-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3634"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jetty: stop accepting new connections from valid clients"
    },
    {
      "cve": "CVE-2024-23899",
      "cwe": {
        "id": "CWE-88",
        "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
      },
      "discovery_date": "2024-01-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2260183"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server\u0027s file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-2-plugins: git-server plugin arbitrary file read vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23899"
        },
        {
          "category": "external",
          "summary": "RHBZ#2260183",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260183"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23899",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23899"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23899",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23899"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
          "url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3319",
          "url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3319"
        }
      ],
      "release_date": "2024-01-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3634"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-2-plugins: git-server plugin arbitrary file read vulnerability"
    },
    {
      "cve": "CVE-2024-23900",
      "cwe": {
        "id": "CWE-23",
        "name": "Relative Path Traversal"
      },
      "discovery_date": "2024-01-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2260184"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in The Matrix Project Plugin for Jenkins, which does not sanitize user-defined axis names of multi-configuration projects submitted through the config.xml REST API endpoint. This issue may allow attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system with content not controllable by the attackers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-2-plugins: matrix-project plugin path traversal vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23900"
        },
        {
          "category": "external",
          "summary": "RHBZ#2260184",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260184"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23900",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23900"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23900",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23900"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
          "url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289",
          "url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289"
        }
      ],
      "release_date": "2024-01-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3634"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins-2-plugins: matrix-project plugin path traversal vulnerability"
    },
    {
      "cve": "CVE-2024-24786",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268046"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268046",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/569356",
          "url": "https://go.dev/cl/569356"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
          "url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-2611",
          "url": "https://pkg.go.dev/vuln/GO-2024-2611"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3634"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
    },
    {
      "cve": "CVE-2024-28149",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268227"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jenkins-2-plugins. In the HTML Publisher Plugin 1.16 through 1.32, fallback for reports created in HTML Publisher Plugin 1.15 and earlier does not properly sanitize input. This can allow attackers with Item/Configure permissions to implement stored cross-site scripting (XSS) attacks and determine whether a path on the Jenkins controller file system exists, without being able to access it.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "HTML Publisher Plugin 1.32.1 removes support for reports created before HTML Publisher Plugin 1.15. Those reports are retained on the disk, but may no longer be accessible through the Jenkins UI.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-28149"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268227",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268227"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28149",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-28149"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28149",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28149"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3301",
          "url": "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3301"
        }
      ],
      "release_date": "2024-03-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3634"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin"
    },
    {
      "cve": "CVE-2024-34144",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "discovery_date": "2024-05-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2278820"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin involving crafted constructor bodies, enabling the circumvention of security restrictions. With crafted constructor bodies, this flaw allows authenticated attackers to define and execute sandboxed scripts, including Pipelines, bypassing sandbox protection mechanisms and executing arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe Script Security Plugin features a sandbox functionality designed to enable users with limited privileges to create scripts, including Pipelines, which are generally safe for execution. This security mechanism intercepts calls within sandboxed scripts, referencing various allowlists to decide whether these calls should be permitted.\r\n\r\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include:\r\n\r\n- Exploiting crafted constructor bodies that trigger other constructors, thereby allowing the construction of any subclassable type through implicit casts.\r\n- Utilizing Groovy classes defined within the sandbox that overshadow certain non-sandboxed classes, facilitating the creation of any subclassable type.\r\n\r\nThese vulnerabilities enable attackers, who have the permission to create and execute sandboxed scripts including Pipelines, to circumvent sandbox protections and execute arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe fixed version of this script incorporates enhanced restrictions and sanity checks. These improvements ensure that calls to super constructors are intercepted by the sandbox, including:\r\n\r\n- Ensuring that calls to other constructors via \u0027this\u0027 are now appropriately managed within the sandbox.\r\n- No longer overlooking classes in packages that may be overshadowed by Groovy-defined classes when intercepting super constructor calls.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin/script-security: sandbox bypass via crafted constructor bodies",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a process being able to access resources outside an assigned sandbox.\n\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include exploiting specially crafted constructor bodies, utilizing certain groovy classes.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34144"
        },
        {
          "category": "external",
          "summary": "RHBZ#2278820",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278820"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34144",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34144"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34144",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34144"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/05/02/3",
          "url": "http://www.openwall.com/lists/oss-security/2024/05/02/3"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341",
          "url": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341"
        }
      ],
      "release_date": "2024-05-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3634"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-plugin/script-security: sandbox bypass via crafted constructor bodies"
    },
    {
      "cve": "CVE-2024-34145",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "discovery_date": "2024-05-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2278821"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin within the sandbox-defined classes, enabling the circumvention of security restrictions. This flaw allows authenticated attackers to define and execute sandboxed scripts, including Pipelines, bypassing sandbox protection mechanisms and executing arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe Script Security Plugin features a sandbox functionality designed to enable users with limited privileges to create scripts, including Pipelines, which are generally safe for execution. This security mechanism intercepts calls within sandboxed scripts, referencing various allowlists to decide whether these calls should be permitted.\r\n\r\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include:\r\n\r\n- Exploiting crafted constructor bodies that trigger other constructors, thereby allowing the construction of any subclassable type through implicit casts.\r\n- Utilizing Groovy classes defined within the sandbox that overshadow certain non-sandboxed classes, facilitating the creation of any subclassable type.\r\n\r\nThese vulnerabilities enable attackers, who have the permission to create and execute sandboxed scripts including Pipelines, to circumvent sandbox protections and execute arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe fixed version of this script incorporates enhanced restrictions and sanity checks. These improvements ensure that calls to super constructors are intercepted by the sandbox, including:\r\n\r\n- Ensuring that calls to other constructors via \u0027this\u0027 are now appropriately managed within the sandbox.\r\n- No longer overlooking classes in packages that may be overshadowed by Groovy-defined classes when intercepting super constructor calls.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin/script-security: sandbox bypass via sandbox-defined classes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a process being able to access resources outside an assigned sandbox.\n\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include exploiting specially crafted constructor bodies, utilizing certain groovy classes.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
          "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34145"
        },
        {
          "category": "external",
          "summary": "RHBZ#2278821",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278821"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34145",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34145"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34145",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34145"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/05/02/3",
          "url": "http://www.openwall.com/lists/oss-security/2024/05/02/3"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341",
          "url": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341"
        }
      ],
      "release_date": "2024-05-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3634"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-0:2.440.3.1716387933-3.el8.src",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.noarch",
            "8Base-OCP-Tools-4.14:jenkins-2-plugins-0:4.14.1716388016-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-plugin/script-security: sandbox bypass via sandbox-defined classes"
    }
  ]
}

RHSA-2024:3635

Vulnerability from csaf_redhat - Published: 2024-06-05 14:47 - Updated: 2026-06-03 17:04

Summary

Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update

Severity

Important

Notes

Topic: An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Jenkins is a continuous integration server that monitors the execution of recurring jobs, such as software builds or cron jobs. Security fixes: * jenkins-2-plugins: Git-server plugin has an arbitrary file read vulnerability (CVE-2024-23899) * jenkins-plugin/script-security: Sandbox bypass occurs via crafted constructor bodies (CVE-2024-34144) * jenkins-plugin/script-security: Sandbox bypass occurs via sandbox-defined classes (CVE-2024-34145) * jenkins-2-plugins: HTML Publisher plugin has improper input sanitization (CVE-2024-28149) * Jetty: Stops accepting new connections from valid clients (CVE-2024-22201) * SSH: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795) * golang-protobuf: Unmarshaling certain forms of invalid JSON in the protojson.Unmarshal function causes an infinite loop in the encoding/protojson and internal/encoding/json packages of Golang-protobuf (CVE-2024-24786) * jenkins-2-plugins: Matrix-project plugin has a path traversal vulnerability (CVE-2024-23900) For more details about these security issues, including their impact, CVSS scores, acknowledgments, and other related information, refer to the CVE page listed in the References section.

CVE-2023-48795

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-222 - Truncation of Security-relevant Information

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-22201

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-23899

A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server's file system.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-23900

4.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

CWE-23 - Relative Path Traversal

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2024-24786

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-28149

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-34144

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-693 - Protection Mechanism Failure

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-34145

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-693 - Protection Mechanism Failure

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

References

56 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:3635	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2254210	external
https://bugzilla.redhat.com/show_bug.cgi?id=2260183	external
https://bugzilla.redhat.com/show_bug.cgi?id=2260184	external
https://bugzilla.redhat.com/show_bug.cgi?id=2266136	external
https://bugzilla.redhat.com/show_bug.cgi?id=2268046	external
https://bugzilla.redhat.com/show_bug.cgi?id=2268227	external
https://bugzilla.redhat.com/show_bug.cgi?id=2278820	external
https://bugzilla.redhat.com/show_bug.cgi?id=2278821	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2023-48795	self
https://bugzilla.redhat.com/show_bug.cgi?id=2254210	external
https://www.cve.org/CVERecord?id=CVE-2023-48795	external
https://nvd.nist.gov/vuln/detail/CVE-2023-48795	external
https://access.redhat.com/solutions/7071748	external
https://terrapin-attack.com/	external
https://access.redhat.com/security/cve/CVE-2024-22201	self
https://bugzilla.redhat.com/show_bug.cgi?id=2266136	external
https://www.cve.org/CVERecord?id=CVE-2024-22201	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22201	external
https://github.com/jetty/jetty.project/issues/11256	external
https://github.com/jetty/jetty.project/security/a…	external
https://access.redhat.com/security/cve/CVE-2024-23899	self
https://bugzilla.redhat.com/show_bug.cgi?id=2260183	external
https://www.cve.org/CVERecord?id=CVE-2024-23899	external
https://nvd.nist.gov/vuln/detail/CVE-2024-23899	external
http://www.openwall.com/lists/oss-security/2024/01/24/6	external
https://www.jenkins.io/security/advisory/2024-01-…	external
https://access.redhat.com/security/cve/CVE-2024-23900	self
https://bugzilla.redhat.com/show_bug.cgi?id=2260184	external
https://www.cve.org/CVERecord?id=CVE-2024-23900	external
https://nvd.nist.gov/vuln/detail/CVE-2024-23900	external
https://www.jenkins.io/security/advisory/2024-01-…	external
https://access.redhat.com/security/cve/CVE-2024-24786	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268046	external
https://www.cve.org/CVERecord?id=CVE-2024-24786	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24786	external
https://go.dev/cl/569356	external
https://groups.google.com/g/golang-announce/c/ArQ…	external
https://pkg.go.dev/vuln/GO-2024-2611	external
https://access.redhat.com/security/cve/CVE-2024-28149	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268227	external
https://www.cve.org/CVERecord?id=CVE-2024-28149	external
https://nvd.nist.gov/vuln/detail/CVE-2024-28149	external
https://www.jenkins.io/security/advisory/2024-03-…	external
https://access.redhat.com/security/cve/CVE-2024-34144	self
https://bugzilla.redhat.com/show_bug.cgi?id=2278820	external
https://www.cve.org/CVERecord?id=CVE-2024-34144	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34144	external
http://www.openwall.com/lists/oss-security/2024/05/02/3	external
https://www.jenkins.io/security/advisory/2024-05-…	external
https://access.redhat.com/security/cve/CVE-2024-34145	self
https://bugzilla.redhat.com/show_bug.cgi?id=2278821	external
https://www.cve.org/CVERecord?id=CVE-2024-34145	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34145	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Jenkins is a continuous integration server that monitors the execution of recurring jobs, such as software builds or cron jobs.\n\nSecurity fixes:\n\n* jenkins-2-plugins: Git-server plugin has an arbitrary file read vulnerability (CVE-2024-23899)\n\n* jenkins-plugin/script-security: Sandbox bypass occurs via crafted constructor bodies (CVE-2024-34144)\n\n* jenkins-plugin/script-security: Sandbox bypass occurs via sandbox-defined classes (CVE-2024-34145)\n\n* jenkins-2-plugins: HTML Publisher plugin has improper input sanitization (CVE-2024-28149)\n\n* Jetty: Stops accepting new connections from valid clients (CVE-2024-22201)\n\n* SSH: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* golang-protobuf: Unmarshaling certain forms of invalid JSON in the protojson.Unmarshal function causes an infinite loop in the encoding/protojson and internal/encoding/json packages of Golang-protobuf (CVE-2024-24786)\n\n* jenkins-2-plugins: Matrix-project plugin has a path traversal vulnerability (CVE-2024-23900)\n\nFor more details about these security issues, including their impact, CVSS scores, acknowledgments, and other related information, refer to the CVE page listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3635",
        "url": "https://access.redhat.com/errata/RHSA-2024:3635"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2254210",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
      },
      {
        "category": "external",
        "summary": "2260183",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260183"
      },
      {
        "category": "external",
        "summary": "2260184",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260184"
      },
      {
        "category": "external",
        "summary": "2266136",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
      },
      {
        "category": "external",
        "summary": "2268046",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
      },
      {
        "category": "external",
        "summary": "2268227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268227"
      },
      {
        "category": "external",
        "summary": "2278820",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278820"
      },
      {
        "category": "external",
        "summary": "2278821",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278821"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3635.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update",
    "tracking": {
      "current_release_date": "2026-06-03T17:04:00+00:00",
      "generator": {
        "date": "2026-06-03T17:04:00+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2024:3635",
      "initial_release_date": "2024-06-05T14:47:22+00:00",
      "revision_history": [
        {
          "date": "2024-06-05T14:47:22+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-06-05T14:47:22+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-03T17:04:00+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OpenShift Developer Tools and Services for OCP 4.12",
                "product": {
                  "name": "OpenShift Developer Tools and Services for OCP 4.12",
                  "product_id": "8Base-OCP-Tools-4.12",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "OpenShift Developer Tools and Services"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jenkins-0:2.440.3.1716445200-3.el8.src",
                "product": {
                  "name": "jenkins-0:2.440.3.1716445200-3.el8.src",
                  "product_id": "jenkins-0:2.440.3.1716445200-3.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.440.3.1716445200-3.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:4.12.1716445211-1.el8.src",
                "product": {
                  "name": "jenkins-2-plugins-0:4.12.1716445211-1.el8.src",
                  "product_id": "jenkins-2-plugins-0:4.12.1716445211-1.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.12.1716445211-1.el8?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jenkins-0:2.440.3.1716445200-3.el8.noarch",
                "product": {
                  "name": "jenkins-0:2.440.3.1716445200-3.el8.noarch",
                  "product_id": "jenkins-0:2.440.3.1716445200-3.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.440.3.1716445200-3.el8?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
                "product": {
                  "name": "jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
                  "product_id": "jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.12.1716445211-1.el8?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.440.3.1716445200-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.12",
          "product_id": "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch"
        },
        "product_reference": "jenkins-0:2.440.3.1716445200-3.el8.noarch",
        "relates_to_product_reference": "8Base-OCP-Tools-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.440.3.1716445200-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.12",
          "product_id": "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src"
        },
        "product_reference": "jenkins-0:2.440.3.1716445200-3.el8.src",
        "relates_to_product_reference": "8Base-OCP-Tools-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.12",
          "product_id": "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch"
        },
        "product_reference": "jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
        "relates_to_product_reference": "8Base-OCP-Tools-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:4.12.1716445211-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.12",
          "product_id": "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
        },
        "product_reference": "jenkins-2-plugins-0:4.12.1716445211-1.el8.src",
        "relates_to_product_reference": "8Base-OCP-Tools-4.12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "discovery_date": "2023-12-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254210"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254210",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7071748",
          "url": "https://access.redhat.com/solutions/7071748"
        },
        {
          "category": "external",
          "summary": "https://terrapin-attack.com/",
          "url": "https://terrapin-attack.com/"
        }
      ],
      "release_date": "2023-12-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3635"
        },
        {
          "category": "workaround",
          "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-02-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2266136"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jetty: stop accepting new connections from valid clients",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The issue in Jetty where HTTP/2 connections can enter a congested, idle state and potentially exhaust server file descriptors represents a moderate severity due to its impact on system resources and service availability. While the vulnerability requires the deliberate creation of numerous congested connections by an attacker, its exploitation can lead to denial-of-service conditions by consuming all available file descriptors. This scenario could disrupt legitimate client connections and impair server responsiveness.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2266136",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/issues/11256",
          "url": "https://github.com/jetty/jetty.project/issues/11256"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
        }
      ],
      "release_date": "2024-02-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3635"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jetty: stop accepting new connections from valid clients"
    },
    {
      "cve": "CVE-2024-23899",
      "cwe": {
        "id": "CWE-88",
        "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
      },
      "discovery_date": "2024-01-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2260183"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server\u0027s file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-2-plugins: git-server plugin arbitrary file read vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23899"
        },
        {
          "category": "external",
          "summary": "RHBZ#2260183",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260183"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23899",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23899"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23899",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23899"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
          "url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3319",
          "url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3319"
        }
      ],
      "release_date": "2024-01-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3635"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-2-plugins: git-server plugin arbitrary file read vulnerability"
    },
    {
      "cve": "CVE-2024-23900",
      "cwe": {
        "id": "CWE-23",
        "name": "Relative Path Traversal"
      },
      "discovery_date": "2024-01-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2260184"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in The Matrix Project Plugin for Jenkins, which does not sanitize user-defined axis names of multi-configuration projects submitted through the config.xml REST API endpoint. This issue may allow attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system with content not controllable by the attackers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-2-plugins: matrix-project plugin path traversal vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23900"
        },
        {
          "category": "external",
          "summary": "RHBZ#2260184",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260184"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23900",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23900"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23900",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23900"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
          "url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289",
          "url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289"
        }
      ],
      "release_date": "2024-01-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3635"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins-2-plugins: matrix-project plugin path traversal vulnerability"
    },
    {
      "cve": "CVE-2024-24786",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268046"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268046",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/569356",
          "url": "https://go.dev/cl/569356"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
          "url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-2611",
          "url": "https://pkg.go.dev/vuln/GO-2024-2611"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3635"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
    },
    {
      "cve": "CVE-2024-28149",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268227"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jenkins-2-plugins. In the HTML Publisher Plugin 1.16 through 1.32, fallback for reports created in HTML Publisher Plugin 1.15 and earlier does not properly sanitize input. This can allow attackers with Item/Configure permissions to implement stored cross-site scripting (XSS) attacks and determine whether a path on the Jenkins controller file system exists, without being able to access it.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "HTML Publisher Plugin 1.32.1 removes support for reports created before HTML Publisher Plugin 1.15. Those reports are retained on the disk, but may no longer be accessible through the Jenkins UI.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-28149"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268227",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268227"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28149",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-28149"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28149",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28149"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3301",
          "url": "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3301"
        }
      ],
      "release_date": "2024-03-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3635"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin"
    },
    {
      "cve": "CVE-2024-34144",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "discovery_date": "2024-05-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2278820"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin involving crafted constructor bodies, enabling the circumvention of security restrictions. With crafted constructor bodies, this flaw allows authenticated attackers to define and execute sandboxed scripts, including Pipelines, bypassing sandbox protection mechanisms and executing arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe Script Security Plugin features a sandbox functionality designed to enable users with limited privileges to create scripts, including Pipelines, which are generally safe for execution. This security mechanism intercepts calls within sandboxed scripts, referencing various allowlists to decide whether these calls should be permitted.\r\n\r\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include:\r\n\r\n- Exploiting crafted constructor bodies that trigger other constructors, thereby allowing the construction of any subclassable type through implicit casts.\r\n- Utilizing Groovy classes defined within the sandbox that overshadow certain non-sandboxed classes, facilitating the creation of any subclassable type.\r\n\r\nThese vulnerabilities enable attackers, who have the permission to create and execute sandboxed scripts including Pipelines, to circumvent sandbox protections and execute arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe fixed version of this script incorporates enhanced restrictions and sanity checks. These improvements ensure that calls to super constructors are intercepted by the sandbox, including:\r\n\r\n- Ensuring that calls to other constructors via \u0027this\u0027 are now appropriately managed within the sandbox.\r\n- No longer overlooking classes in packages that may be overshadowed by Groovy-defined classes when intercepting super constructor calls.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin/script-security: sandbox bypass via crafted constructor bodies",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a process being able to access resources outside an assigned sandbox.\n\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include exploiting specially crafted constructor bodies, utilizing certain groovy classes.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34144"
        },
        {
          "category": "external",
          "summary": "RHBZ#2278820",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278820"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34144",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34144"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34144",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34144"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/05/02/3",
          "url": "http://www.openwall.com/lists/oss-security/2024/05/02/3"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341",
          "url": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341"
        }
      ],
      "release_date": "2024-05-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3635"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-plugin/script-security: sandbox bypass via crafted constructor bodies"
    },
    {
      "cve": "CVE-2024-34145",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "discovery_date": "2024-05-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2278821"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin within the sandbox-defined classes, enabling the circumvention of security restrictions. This flaw allows authenticated attackers to define and execute sandboxed scripts, including Pipelines, bypassing sandbox protection mechanisms and executing arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe Script Security Plugin features a sandbox functionality designed to enable users with limited privileges to create scripts, including Pipelines, which are generally safe for execution. This security mechanism intercepts calls within sandboxed scripts, referencing various allowlists to decide whether these calls should be permitted.\r\n\r\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include:\r\n\r\n- Exploiting crafted constructor bodies that trigger other constructors, thereby allowing the construction of any subclassable type through implicit casts.\r\n- Utilizing Groovy classes defined within the sandbox that overshadow certain non-sandboxed classes, facilitating the creation of any subclassable type.\r\n\r\nThese vulnerabilities enable attackers, who have the permission to create and execute sandboxed scripts including Pipelines, to circumvent sandbox protections and execute arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe fixed version of this script incorporates enhanced restrictions and sanity checks. These improvements ensure that calls to super constructors are intercepted by the sandbox, including:\r\n\r\n- Ensuring that calls to other constructors via \u0027this\u0027 are now appropriately managed within the sandbox.\r\n- No longer overlooking classes in packages that may be overshadowed by Groovy-defined classes when intercepting super constructor calls.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin/script-security: sandbox bypass via sandbox-defined classes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a process being able to access resources outside an assigned sandbox.\n\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include exploiting specially crafted constructor bodies, utilizing certain groovy classes.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
          "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34145"
        },
        {
          "category": "external",
          "summary": "RHBZ#2278821",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278821"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34145",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34145"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34145",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34145"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/05/02/3",
          "url": "http://www.openwall.com/lists/oss-security/2024/05/02/3"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341",
          "url": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341"
        }
      ],
      "release_date": "2024-05-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:47:22+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3635"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-0:2.440.3.1716445200-3.el8.src",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.noarch",
            "8Base-OCP-Tools-4.12:jenkins-2-plugins-0:4.12.1716445211-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-plugin/script-security: sandbox bypass via sandbox-defined classes"
    }
  ]
}

RHSA-2024:3636

Vulnerability from csaf_redhat - Published: 2024-06-05 14:46 - Updated: 2026-06-03 17:04

Summary

Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update

Severity

Important

Notes

Topic: An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Jenkins is a continuous integration server that monitors the execution of recurring jobs, such as software builds or cron jobs. Security fixes: * jenkins-2-plugins: Git-server plugin has an arbitrary file read vulnerability (CVE-2024-23899) * jenkins-plugin/script-security: Sandbox bypass occurs via crafted constructor bodies (CVE-2024-34144) * jenkins-plugin/script-security: Sandbox bypass occurs via sandbox-defined classes (CVE-2024-34145) * jenkins-2-plugins: HTML Publisher plugin has improper input sanitization (CVE-2024-28149) * jetty: Stops accepting new connections from valid clients (CVE-2024-22201) * SSH: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795) * golang-protobuf: Unmarshaling certain forms of invalid JSON in the protojson.Unmarshal function causes an infinite loop in the encoding/protojson and internal/encoding/json packages of Golang-protobuf (CVE-2024-24786). * jenkins-2-plugins: Matrix-project plugin has a path traversal vulnerability (CVE-2024-23900) For more details about these security issues, including their impact, CVSS scores, acknowledgments, and other related information, refer to the CVE page listed in the References section.

CVE-2023-48795

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-222 - Truncation of Security-relevant Information

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-22201

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-23899

A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server's file system.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-23900

4.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

CWE-23 - Relative Path Traversal

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2024-24786

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-28149

8.0 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-34144

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-693 - Protection Mechanism Failure

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

CVE-2024-34145

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-693 - Protection Mechanism Failure

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src	—	Vendor Fix fix

Threats

Impact Important

References

56 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:3636	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2254210	external
https://bugzilla.redhat.com/show_bug.cgi?id=2260183	external
https://bugzilla.redhat.com/show_bug.cgi?id=2260184	external
https://bugzilla.redhat.com/show_bug.cgi?id=2266136	external
https://bugzilla.redhat.com/show_bug.cgi?id=2268046	external
https://bugzilla.redhat.com/show_bug.cgi?id=2268227	external
https://bugzilla.redhat.com/show_bug.cgi?id=2278820	external
https://bugzilla.redhat.com/show_bug.cgi?id=2278821	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2023-48795	self
https://bugzilla.redhat.com/show_bug.cgi?id=2254210	external
https://www.cve.org/CVERecord?id=CVE-2023-48795	external
https://nvd.nist.gov/vuln/detail/CVE-2023-48795	external
https://access.redhat.com/solutions/7071748	external
https://terrapin-attack.com/	external
https://access.redhat.com/security/cve/CVE-2024-22201	self
https://bugzilla.redhat.com/show_bug.cgi?id=2266136	external
https://www.cve.org/CVERecord?id=CVE-2024-22201	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22201	external
https://github.com/jetty/jetty.project/issues/11256	external
https://github.com/jetty/jetty.project/security/a…	external
https://access.redhat.com/security/cve/CVE-2024-23899	self
https://bugzilla.redhat.com/show_bug.cgi?id=2260183	external
https://www.cve.org/CVERecord?id=CVE-2024-23899	external
https://nvd.nist.gov/vuln/detail/CVE-2024-23899	external
http://www.openwall.com/lists/oss-security/2024/01/24/6	external
https://www.jenkins.io/security/advisory/2024-01-…	external
https://access.redhat.com/security/cve/CVE-2024-23900	self
https://bugzilla.redhat.com/show_bug.cgi?id=2260184	external
https://www.cve.org/CVERecord?id=CVE-2024-23900	external
https://nvd.nist.gov/vuln/detail/CVE-2024-23900	external
https://www.jenkins.io/security/advisory/2024-01-…	external
https://access.redhat.com/security/cve/CVE-2024-24786	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268046	external
https://www.cve.org/CVERecord?id=CVE-2024-24786	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24786	external
https://go.dev/cl/569356	external
https://groups.google.com/g/golang-announce/c/ArQ…	external
https://pkg.go.dev/vuln/GO-2024-2611	external
https://access.redhat.com/security/cve/CVE-2024-28149	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268227	external
https://www.cve.org/CVERecord?id=CVE-2024-28149	external
https://nvd.nist.gov/vuln/detail/CVE-2024-28149	external
https://www.jenkins.io/security/advisory/2024-03-…	external
https://access.redhat.com/security/cve/CVE-2024-34144	self
https://bugzilla.redhat.com/show_bug.cgi?id=2278820	external
https://www.cve.org/CVERecord?id=CVE-2024-34144	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34144	external
http://www.openwall.com/lists/oss-security/2024/05/02/3	external
https://www.jenkins.io/security/advisory/2024-05-…	external
https://access.redhat.com/security/cve/CVE-2024-34145	self
https://bugzilla.redhat.com/show_bug.cgi?id=2278821	external
https://www.cve.org/CVERecord?id=CVE-2024-34145	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34145	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for OpenShift Jenkins is now available for Red Hat Product OCP Tools 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Jenkins is a continuous integration server that monitors the execution of\nrecurring jobs, such as software builds or cron jobs.\n\nSecurity fixes:\n\n* jenkins-2-plugins: Git-server plugin has an arbitrary file read\nvulnerability (CVE-2024-23899)\n\n* jenkins-plugin/script-security: Sandbox bypass occurs via crafted\nconstructor bodies (CVE-2024-34144)\n\n* jenkins-plugin/script-security: Sandbox bypass occurs via sandbox-defined\nclasses (CVE-2024-34145)\n\n* jenkins-2-plugins: HTML Publisher plugin has improper input sanitization\n(CVE-2024-28149)\n\n* jetty: Stops accepting new connections from valid clients\n(CVE-2024-22201)\n\n* SSH: Prefix truncation attack on Binary Packet Protocol (BPP)\n(CVE-2023-48795)\n\n* golang-protobuf: Unmarshaling certain forms of invalid JSON in the\nprotojson.Unmarshal function causes an infinite loop in the\nencoding/protojson and internal/encoding/json packages of Golang-protobuf\n(CVE-2024-24786).\n\n* jenkins-2-plugins: Matrix-project plugin has a path traversal\nvulnerability (CVE-2024-23900)\n\nFor more details about these security issues, including their impact, CVSS\nscores, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3636",
        "url": "https://access.redhat.com/errata/RHSA-2024:3636"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2254210",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
      },
      {
        "category": "external",
        "summary": "2260183",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260183"
      },
      {
        "category": "external",
        "summary": "2260184",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260184"
      },
      {
        "category": "external",
        "summary": "2266136",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
      },
      {
        "category": "external",
        "summary": "2268046",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
      },
      {
        "category": "external",
        "summary": "2268227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268227"
      },
      {
        "category": "external",
        "summary": "2278820",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278820"
      },
      {
        "category": "external",
        "summary": "2278821",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278821"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3636.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update",
    "tracking": {
      "current_release_date": "2026-06-03T17:04:00+00:00",
      "generator": {
        "date": "2026-06-03T17:04:00+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2024:3636",
      "initial_release_date": "2024-06-05T14:46:12+00:00",
      "revision_history": [
        {
          "date": "2024-06-05T14:46:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-06-05T14:46:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-03T17:04:00+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OpenShift Developer Tools and Services for OCP 4.13",
                "product": {
                  "name": "OpenShift Developer Tools and Services for OCP 4.13",
                  "product_id": "8Base-OCP-Tools-4.13",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "OpenShift Developer Tools and Services"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jenkins-0:2.440.3.1716445150-3.el8.src",
                "product": {
                  "name": "jenkins-0:2.440.3.1716445150-3.el8.src",
                  "product_id": "jenkins-0:2.440.3.1716445150-3.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.440.3.1716445150-3.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:4.13.1716445207-1.el8.src",
                "product": {
                  "name": "jenkins-2-plugins-0:4.13.1716445207-1.el8.src",
                  "product_id": "jenkins-2-plugins-0:4.13.1716445207-1.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.13.1716445207-1.el8?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jenkins-0:2.440.3.1716445150-3.el8.noarch",
                "product": {
                  "name": "jenkins-0:2.440.3.1716445150-3.el8.noarch",
                  "product_id": "jenkins-0:2.440.3.1716445150-3.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.440.3.1716445150-3.el8?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
                "product": {
                  "name": "jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
                  "product_id": "jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.13.1716445207-1.el8?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.440.3.1716445150-3.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.13",
          "product_id": "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch"
        },
        "product_reference": "jenkins-0:2.440.3.1716445150-3.el8.noarch",
        "relates_to_product_reference": "8Base-OCP-Tools-4.13"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.440.3.1716445150-3.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.13",
          "product_id": "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src"
        },
        "product_reference": "jenkins-0:2.440.3.1716445150-3.el8.src",
        "relates_to_product_reference": "8Base-OCP-Tools-4.13"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch as a component of OpenShift Developer Tools and Services for OCP 4.13",
          "product_id": "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch"
        },
        "product_reference": "jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
        "relates_to_product_reference": "8Base-OCP-Tools-4.13"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:4.13.1716445207-1.el8.src as a component of OpenShift Developer Tools and Services for OCP 4.13",
          "product_id": "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
        },
        "product_reference": "jenkins-2-plugins-0:4.13.1716445207-1.el8.src",
        "relates_to_product_reference": "8Base-OCP-Tools-4.13"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "discovery_date": "2023-12-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254210"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254210",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7071748",
          "url": "https://access.redhat.com/solutions/7071748"
        },
        {
          "category": "external",
          "summary": "https://terrapin-attack.com/",
          "url": "https://terrapin-attack.com/"
        }
      ],
      "release_date": "2023-12-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:46:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3636"
        },
        {
          "category": "workaround",
          "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-02-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2266136"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jetty, a Java based web server and servlet engine. If an HTTP/2 connection gets TCP congested, it remains open and idle, and connections may be leaked when it times out. An attacker can cause many connections to end up in this state, and the server may run out of file descriptors, eventually causing the server to stop accepting new connections from valid clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jetty: stop accepting new connections from valid clients",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The issue in Jetty where HTTP/2 connections can enter a congested, idle state and potentially exhaust server file descriptors represents a moderate severity due to its impact on system resources and service availability. While the vulnerability requires the deliberate creation of numerous congested connections by an attacker, its exploitation can lead to denial-of-service conditions by consuming all available file descriptors. This scenario could disrupt legitimate client connections and impair server responsiveness.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2266136",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266136"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/issues/11256",
          "url": "https://github.com/jetty/jetty.project/issues/11256"
        },
        {
          "category": "external",
          "summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98",
          "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98"
        }
      ],
      "release_date": "2024-02-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:46:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3636"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jetty: stop accepting new connections from valid clients"
    },
    {
      "cve": "CVE-2024-23899",
      "cwe": {
        "id": "CWE-88",
        "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
      },
      "discovery_date": "2024-01-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2260183"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server\u0027s file system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-2-plugins: git-server plugin arbitrary file read vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23899"
        },
        {
          "category": "external",
          "summary": "RHBZ#2260183",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260183"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23899",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23899"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23899",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23899"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
          "url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3319",
          "url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3319"
        }
      ],
      "release_date": "2024-01-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:46:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3636"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-2-plugins: git-server plugin arbitrary file read vulnerability"
    },
    {
      "cve": "CVE-2024-23900",
      "cwe": {
        "id": "CWE-23",
        "name": "Relative Path Traversal"
      },
      "discovery_date": "2024-01-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2260184"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in The Matrix Project Plugin for Jenkins, which does not sanitize user-defined axis names of multi-configuration projects submitted through the config.xml REST API endpoint. This issue may allow attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system with content not controllable by the attackers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-2-plugins: matrix-project plugin path traversal vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23900"
        },
        {
          "category": "external",
          "summary": "RHBZ#2260184",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260184"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23900",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23900"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23900",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23900"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/01/24/6",
          "url": "http://www.openwall.com/lists/oss-security/2024/01/24/6"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289",
          "url": "https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289"
        }
      ],
      "release_date": "2024-01-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:46:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3636"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins-2-plugins: matrix-project plugin path traversal vulnerability"
    },
    {
      "cve": "CVE-2024-24786",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268046"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268046",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/569356",
          "url": "https://go.dev/cl/569356"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
          "url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-2611",
          "url": "https://pkg.go.dev/vuln/GO-2024-2611"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:46:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3636"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
    },
    {
      "cve": "CVE-2024-28149",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268227"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in jenkins-2-plugins. In the HTML Publisher Plugin 1.16 through 1.32, fallback for reports created in HTML Publisher Plugin 1.15 and earlier does not properly sanitize input. This can allow attackers with Item/Configure permissions to implement stored cross-site scripting (XSS) attacks and determine whether a path on the Jenkins controller file system exists, without being able to access it.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "HTML Publisher Plugin 1.32.1 removes support for reports created before HTML Publisher Plugin 1.15. Those reports are retained on the disk, but may no longer be accessible through the Jenkins UI.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-28149"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268227",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268227"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28149",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-28149"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28149",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28149"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3301",
          "url": "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3301"
        }
      ],
      "release_date": "2024-03-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:46:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3636"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin"
    },
    {
      "cve": "CVE-2024-34144",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "discovery_date": "2024-05-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2278820"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin involving crafted constructor bodies, enabling the circumvention of security restrictions. With crafted constructor bodies, this flaw allows authenticated attackers to define and execute sandboxed scripts, including Pipelines, bypassing sandbox protection mechanisms and executing arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe Script Security Plugin features a sandbox functionality designed to enable users with limited privileges to create scripts, including Pipelines, which are generally safe for execution. This security mechanism intercepts calls within sandboxed scripts, referencing various allowlists to decide whether these calls should be permitted.\r\n\r\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include:\r\n\r\n- Exploiting crafted constructor bodies that trigger other constructors, thereby allowing the construction of any subclassable type through implicit casts.\r\n- Utilizing Groovy classes defined within the sandbox that overshadow certain non-sandboxed classes, facilitating the creation of any subclassable type.\r\n\r\nThese vulnerabilities enable attackers, who have the permission to create and execute sandboxed scripts including Pipelines, to circumvent sandbox protections and execute arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe fixed version of this script incorporates enhanced restrictions and sanity checks. These improvements ensure that calls to super constructors are intercepted by the sandbox, including:\r\n\r\n- Ensuring that calls to other constructors via \u0027this\u0027 are now appropriately managed within the sandbox.\r\n- No longer overlooking classes in packages that may be overshadowed by Groovy-defined classes when intercepting super constructor calls.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin/script-security: sandbox bypass via crafted constructor bodies",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a process being able to access resources outside an assigned sandbox.\n\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include exploiting specially crafted constructor bodies, utilizing certain groovy classes.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34144"
        },
        {
          "category": "external",
          "summary": "RHBZ#2278820",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278820"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34144",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34144"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34144",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34144"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/05/02/3",
          "url": "http://www.openwall.com/lists/oss-security/2024/05/02/3"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341",
          "url": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341"
        }
      ],
      "release_date": "2024-05-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:46:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3636"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-plugin/script-security: sandbox bypass via crafted constructor bodies"
    },
    {
      "cve": "CVE-2024-34145",
      "cwe": {
        "id": "CWE-693",
        "name": "Protection Mechanism Failure"
      },
      "discovery_date": "2024-05-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2278821"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin within the sandbox-defined classes, enabling the circumvention of security restrictions. This flaw allows authenticated attackers to define and execute sandboxed scripts, including Pipelines, bypassing sandbox protection mechanisms and executing arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe Script Security Plugin features a sandbox functionality designed to enable users with limited privileges to create scripts, including Pipelines, which are generally safe for execution. This security mechanism intercepts calls within sandboxed scripts, referencing various allowlists to decide whether these calls should be permitted.\r\n\r\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include:\r\n\r\n- Exploiting crafted constructor bodies that trigger other constructors, thereby allowing the construction of any subclassable type through implicit casts.\r\n- Utilizing Groovy classes defined within the sandbox that overshadow certain non-sandboxed classes, facilitating the creation of any subclassable type.\r\n\r\nThese vulnerabilities enable attackers, who have the permission to create and execute sandboxed scripts including Pipelines, to circumvent sandbox protections and execute arbitrary code within the context of the Jenkins controller JVM.\r\n\r\nThe fixed version of this script incorporates enhanced restrictions and sanity checks. These improvements ensure that calls to super constructors are intercepted by the sandbox, including:\r\n\r\n- Ensuring that calls to other constructors via \u0027this\u0027 are now appropriately managed within the sandbox.\r\n- No longer overlooking classes in packages that may be overshadowed by Groovy-defined classes when intercepting super constructor calls.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin/script-security: sandbox bypass via sandbox-defined classes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a process being able to access resources outside an assigned sandbox.\n\nThe vulnerabilities that allow for sandbox bypass have been identified in versions up to 1335.vf07d9ce377a_e of the Script Security Plugin. These vulnerabilities include exploiting specially crafted constructor bodies, utilizing certain groovy classes.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
          "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34145"
        },
        {
          "category": "external",
          "summary": "RHBZ#2278821",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278821"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34145",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34145"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34145",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34145"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/05/02/3",
          "url": "http://www.openwall.com/lists/oss-security/2024/05/02/3"
        },
        {
          "category": "external",
          "summary": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341",
          "url": "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341"
        }
      ],
      "release_date": "2024-05-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-05T14:46:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3636"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-0:2.440.3.1716445150-3.el8.src",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.noarch",
            "8Base-OCP-Tools-4.13:jenkins-2-plugins-0:4.13.1716445207-1.el8.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-plugin/script-security: sandbox bypass via sandbox-defined classes"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Product	Identifier	Version
financial_services_cash_flow_engine oracle	`cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:::::::*`	—
financial_services_lending_and_leasing oracle	`cpe:2.3:a:oracle:financial_services_lending_and_leasing::::::::`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing::::::::`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	—
financial_services_basel_regulatory_capital_basic oracle	`cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:::::::*`	—
financial_services_basel_regulatory_capital_basic oracle	`cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:::::::*`	—
financial_services_basel_regulatory_capital_internal_ratings_based_approach oracle	`cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:::::::*`	—
financial_services_basel_regulatory_capital_internal_ratings_based_approach oracle	`cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	—
financial_services_trade-based_anti_money_laundering_enterprise_edition oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:::::::*`	—
financial_services_trade-based_anti_money_laundering_enterprise_edition oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:::::::*`	—

Action not permitted

CVE-2024-22201 (GCVE-0-2024-22201)

Tags

Sightings

Nomenclature