Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-26130 (GCVE-0-2024-26130)
Vulnerability from cvelistv5 – Published: 2024-02-21 16:28 – Updated: 2024-08-14 20:01
VLAI
EPSS
Title
cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
Summary
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/pyca/cryptography/security/adv… | x_refsource_CONFIRM |
| https://github.com/pyca/cryptography/pull/10423 | x_refsource_MISC |
| https://github.com/pyca/cryptography/commit/97d23… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| pyca | cryptography |
Affected:
>= 38.0.0, < 42.0.4
|
|
| cryptography_project | cryptography |
Affected:
38.0.0 , < 42.04
(custom)
cpe:2.3:a:cryptography_project:cryptography:*:*:*:*:*:python:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:59:32.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"
},
{
"name": "https://github.com/pyca/cryptography/pull/10423",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pyca/cryptography/pull/10423"
},
{
"name": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cryptography_project:cryptography:*:*:*:*:*:python:*:*"
],
"defaultStatus": "unknown",
"product": "cryptography",
"vendor": "cryptography_project",
"versions": [
{
"lessThan": "42.04",
"status": "affected",
"version": "38.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T19:56:07.150963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T20:01:52.628Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cryptography",
"vendor": "pyca",
"versions": [
{
"status": "affected",
"version": "\u003e= 38.0.0, \u003c 42.0.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-21T16:28:18.632Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"
},
{
"name": "https://github.com/pyca/cryptography/pull/10423",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pyca/cryptography/pull/10423"
},
{
"name": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"
}
],
"source": {
"advisory": "GHSA-6vqw-3v5j-54x4",
"discovery": "UNKNOWN"
},
"title": "cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-26130",
"datePublished": "2024-02-21T16:28:18.632Z",
"dateReserved": "2024-02-14T17:40:03.687Z",
"dateUpdated": "2024-08-14T20:01:52.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-26130",
"date": "2026-06-11",
"epss": "0.00462",
"percentile": "0.64679"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.\"}, {\"lang\": \"es\", \"value\": \"cryptography es un paquete manipulado para exponer recetas y primitivas criptogr\\u00e1ficas a los desarrolladores de Python. A partir de la versi\\u00f3n 38.0.0 y anteriores a la versi\\u00f3n 42.0.4, si se llama a `pkcs12.serialize_key_and_certificates` con un certificado cuya clave p\\u00fablica no coincide con la clave privada proporcionada y un `encryption_algorithm` con `hmac_hash` configurado (a trav\\u00e9s de `PrivateFormat .PKCS12.encryption_builder().hmac_hash(...)`, entonces se producir\\u00eda una desreferencia del puntero NULL, bloqueando el proceso de Python. Esto se resolvi\\u00f3 en la versi\\u00f3n 42.0.4, la primera versi\\u00f3n en la que se genera correctamente un `ValueError` .\"}]",
"id": "CVE-2024-26130",
"lastModified": "2024-11-21T09:01:59.757",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2024-02-21T17:15:09.863",
"references": "[{\"url\": \"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/pyca/cryptography/pull/10423\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/pyca/cryptography/pull/10423\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-476\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-26130\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-02-21T17:15:09.863\",\"lastModified\":\"2025-02-05T22:09:20.427\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.\"},{\"lang\":\"es\",\"value\":\"cryptography es un paquete manipulado para exponer recetas y primitivas criptogr\u00e1ficas a los desarrolladores de Python. A partir de la versi\u00f3n 38.0.0 y anteriores a la versi\u00f3n 42.0.4, si se llama a `pkcs12.serialize_key_and_certificates` con un certificado cuya clave p\u00fablica no coincide con la clave privada proporcionada y un `encryption_algorithm` con `hmac_hash` configurado (a trav\u00e9s de `PrivateFormat .PKCS12.encryption_builder().hmac_hash(...)`, entonces se producir\u00eda una desreferencia del puntero NULL, bloqueando el proceso de Python. Esto se resolvi\u00f3 en la versi\u00f3n 42.0.4, la primera versi\u00f3n en la que se genera correctamente un `ValueError` .\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cryptography.io:cryptography:*:*:*:*:*:python:*:*\",\"versionStartIncluding\":\"38.0.0\",\"versionEndExcluding\":\"42.0.4\",\"matchCriteriaId\":\"BDAE857E-8C66-4574-88CD-615D866340CA\"}]}]}],\"references\":[{\"url\":\"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/pyca/cryptography/pull/10423\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/pyca/cryptography/pull/10423\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4\", \"name\": \"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/pyca/cryptography/pull/10423\", \"name\": \"https://github.com/pyca/cryptography/pull/10423\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55\", \"name\": \"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T23:59:32.542Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-26130\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-14T19:56:07.150963Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:cryptography_project:cryptography:*:*:*:*:*:python:*:*\"], \"vendor\": \"cryptography_project\", \"product\": \"cryptography\", \"versions\": [{\"status\": \"affected\", \"version\": \"38.0.0\", \"lessThan\": \"42.04\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-14T19:59:58.743Z\"}}], \"cna\": {\"title\": \"cryptography NULL pointer deference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override\", \"source\": {\"advisory\": \"GHSA-6vqw-3v5j-54x4\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"pyca\", \"product\": \"cryptography\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 38.0.0, \u003c 42.0.4\"}]}], \"references\": [{\"url\": \"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4\", \"name\": \"https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/pyca/cryptography/pull/10423\", \"name\": \"https://github.com/pyca/cryptography/pull/10423\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55\", \"name\": \"https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476: NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-02-21T16:28:18.632Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-26130\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-14T20:01:52.628Z\", \"dateReserved\": \"2024-02-14T17:40:03.687Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-02-21T16:28:18.632Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2026-AVI-0627
Vulnerability from certfr_avis - Published: 2026-05-21 - Updated: 2026-05-21
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk Enterprise | Splunk Enterprise versions 10.2.x antérieures à 10.2.3 | ||
| Splunk | N/A | Splunk AI Toolkit versions 5.7.x antérieures à 5.7.3 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 9.3.2411 antérieures à 9.3.2411.129 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.3.2512 antérieures à 10.3.2512.9 | ||
| Splunk | Splunk | image Docker Splunk versions 10.2.x antérieures à 10.2.2 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.4.2603 antérieures à 10.4.2603.1 | ||
| Splunk | Splunk AppDynamics Database Agent | Splunk AppDynamics Database Agent versions antérieures à 26.4.0 | ||
| Splunk | Splunk | image Docker Splunk versions 9.4.x antérieures à 9.4.10 | ||
| Splunk | Splunk User Behavior Analytics (UBA) | Splunk User Behavior Analytics versions 5.4.x antérieures à 5.4.5 | ||
| Splunk | Splunk AppDynamics Private Synthetic Agent | Splunk AppDynamics Private Synthetic Agent versions antérieures à 26.4.0 | ||
| Splunk | Splunk AppDynamics Analytics Agent | Splunk AppDynamics Analytics Agent versions antérieures à 26.4.0 | ||
| Splunk | N/A | Splunk AppDynamics Cluster Agent versions antérieures à 26.4.0 | ||
| Splunk | Splunk AppDynamics Machine Agent | Splunk AppDynamics Machine Agent versions antérieures à 26.4.0 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.2.2510 antérieures à 10.2.2510.11 | ||
| Splunk | N/A | Splunk AppDynamics Python Agent versions antérieures à 26.4.1 | ||
| Splunk | Splunk | image Docker Splunk versions 10.0.x antérieures à 10.0.5 | ||
| Splunk | N/A | Splunk Add-on for Tomcat versions 3.3.x antérieures à 3.3.1 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.1.2507 antérieures à 10.1.2507.21 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 10.0.x antérieures à 10.0.6 | ||
| Splunk | N/A | Splunk AppDynamics Apache Web Server Agent versions 25.11.x antérieures à 25.11.1 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.4.x antérieures à 9.4.11 | ||
| Splunk | Splunk | image Docker Splunk versions 9.3.x antérieures à 9.3.11 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions 10.0.2503 antérieures à 10.0.2503.13 | ||
| Splunk | Universal Forwarder | Splunk Universal Forwarder versions 9.4.x antérieures à 9.4.11 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.3.x antérieures à 9.3.12 | ||
| Splunk | Splunk AppDynamics Java Agent | Splunk AppDynamics Java Agent versions antérieures à 26.4.0 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk Enterprise versions 10.2.x ant\u00e9rieures \u00e0 10.2.3",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AI Toolkit versions 5.7.x ant\u00e9rieures \u00e0 5.7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 9.3.2411 ant\u00e9rieures \u00e0 9.3.2411.129",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.3.2512 ant\u00e9rieures \u00e0 10.3.2512.9",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "image Docker Splunk versions 10.2.x ant\u00e9rieures \u00e0 10.2.2",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.4.2603 ant\u00e9rieures \u00e0 10.4.2603.1",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Database Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Database Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "image Docker Splunk versions 9.4.x ant\u00e9rieures \u00e0 9.4.10",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk User Behavior Analytics versions 5.4.x ant\u00e9rieures \u00e0 5.4.5",
"product": {
"name": "Splunk User Behavior Analytics (UBA)",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Private Synthetic Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Private Synthetic Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Analytics Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Analytics Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Cluster Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Machine Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Machine Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.2.2510 ant\u00e9rieures \u00e0 10.2.2510.11",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Python Agent versions ant\u00e9rieures \u00e0 26.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "image Docker Splunk versions 10.0.x ant\u00e9rieures \u00e0 10.0.5",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Add-on for Tomcat versions 3.3.x ant\u00e9rieures \u00e0 3.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.1.2507 ant\u00e9rieures \u00e0 10.1.2507.21",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 10.0.x ant\u00e9rieures \u00e0 10.0.6",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Apache Web Server Agent versions 25.11.x ant\u00e9rieures \u00e0 25.11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.4.x ant\u00e9rieures \u00e0 9.4.11",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "image Docker Splunk versions 9.3.x ant\u00e9rieures \u00e0 9.3.11",
"product": {
"name": "Splunk",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions 10.0.2503 ant\u00e9rieures \u00e0 10.0.2503.13",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Universal Forwarder versions 9.4.x ant\u00e9rieures \u00e0 9.4.11",
"product": {
"name": "Universal Forwarder",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 9.3.x ant\u00e9rieures \u00e0 9.3.12",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk AppDynamics Java Agent versions ant\u00e9rieures \u00e0 26.4.0",
"product": {
"name": "Splunk AppDynamics Java Agent",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-26007",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26007"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-58436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58436"
},
{
"name": "CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2026-32777",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32777"
},
{
"name": "CVE-2025-61730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
},
{
"name": "CVE-2024-5321",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5321"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2026-41324",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41324"
},
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2026-42308",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42308"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2025-29775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29775"
},
{
"name": "CVE-2026-3543",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3543"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"name": "CVE-2025-66199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
},
{
"name": "CVE-2025-15282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
},
{
"name": "CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"name": "CVE-2026-22737",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22737"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2025-68384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68384"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2025-58190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58190"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2026-21637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21637"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2026-22801",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22801"
},
{
"name": "CVE-2026-42309",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42309"
},
{
"name": "CVE-2023-49082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49082"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2026-39892",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
},
{
"name": "CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"name": "CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-29774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29774"
},
{
"name": "CVE-2025-28164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-28164"
},
{
"name": "CVE-2026-3540",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3540"
},
{
"name": "CVE-2024-10220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10220"
},
{
"name": "CVE-2024-45339",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45339"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2025-46762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46762"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2025-68156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68156"
},
{
"name": "CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"name": "CVE-2026-32288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32288"
},
{
"name": "CVE-2022-45868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45868"
},
{
"name": "CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-30065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30065"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2026-34876",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34876"
},
{
"name": "CVE-2025-4432",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4432"
},
{
"name": "CVE-2023-5590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5590"
},
{
"name": "CVE-2025-11468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
},
{
"name": "CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2020-24616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
},
{
"name": "CVE-2025-69419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2026-27456",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27456"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-58060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58060"
},
{
"name": "CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2026-1605",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1605"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"name": "CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2026-3061",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3061"
},
{
"name": "CVE-2026-27171",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27171"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2026-3731",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3731"
},
{
"name": "CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"name": "CVE-2026-35469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
},
{
"name": "CVE-2026-3062",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3062"
},
{
"name": "CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"name": "CVE-2020-10650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2026-1861",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1861"
},
{
"name": "CVE-2025-66516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66516"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-2251",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2251"
},
{
"name": "CVE-2026-25833",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25833"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2025-49844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49844"
},
{
"name": "CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"name": "CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2024-58251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
},
{
"name": "CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"name": "CVE-2025-9820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
},
{
"name": "CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"name": "CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"name": "CVE-2026-22690",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22690"
},
{
"name": "CVE-2025-55130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55130"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2021-35516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
},
{
"name": "CVE-2026-3544",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3544"
},
{
"name": "CVE-2024-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12084"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2020-13949",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13949"
},
{
"name": "CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"name": "CVE-2026-2648",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2648"
},
{
"name": "CVE-2023-47627",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47627"
},
{
"name": "CVE-2026-40200",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40200"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2026-27025",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27025"
},
{
"name": "CVE-2025-55131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55131"
},
{
"name": "CVE-2026-32778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32778"
},
{
"name": "CVE-2026-5121",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5121"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2024-41996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-59465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59465"
},
{
"name": "CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"name": "CVE-2026-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21715"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2026-34073",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34073"
},
{
"name": "CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2026-22795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
},
{
"name": "CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"name": "CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"name": "CVE-2019-10202",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10202"
},
{
"name": "CVE-2026-25834",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25834"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2026-3537",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3537"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-69225",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69225"
},
{
"name": "CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"name": "CVE-2026-27024",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27024"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-35517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
},
{
"name": "CVE-2026-4424",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4424"
},
{
"name": "CVE-2025-67030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67030"
},
{
"name": "CVE-2026-34877",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34877"
},
{
"name": "CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"name": "CVE-2026-27142",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27142"
},
{
"name": "CVE-2026-28389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28389"
},
{
"name": "CVE-2021-23358",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23358"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2026-34875",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34875"
},
{
"name": "CVE-2026-21717",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21717"
},
{
"name": "CVE-2025-64505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64505"
},
{
"name": "CVE-2025-69227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69227"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-28165",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28165"
},
{
"name": "CVE-2025-69421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2019-14439",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2026-34478",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34478"
},
{
"name": "CVE-2026-33055",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33055"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2025-11143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11143"
},
{
"name": "CVE-2026-34480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34480"
},
{
"name": "CVE-2017-7658",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7658"
},
{
"name": "CVE-2026-27699",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27699"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2025-47911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47911"
},
{
"name": "CVE-2025-28162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-28162"
},
{
"name": "CVE-2023-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22946"
},
{
"name": "CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"name": "CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"name": "CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"name": "CVE-2025-13151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13151"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"name": "CVE-2026-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21716"
},
{
"name": "CVE-2025-64506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64506"
},
{
"name": "CVE-2024-53899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53899"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2026-28351",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28351"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-14174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14174"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2026-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
},
{
"name": "CVE-2025-64720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
},
{
"name": "CVE-2024-30251",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30251"
},
{
"name": "CVE-2020-11620",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
},
{
"name": "CVE-2026-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2650"
},
{
"name": "CVE-2026-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3541"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"name": "CVE-2026-3539",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3539"
},
{
"name": "CVE-2026-34874",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34874"
},
{
"name": "CVE-2026-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21712"
},
{
"name": "CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"name": "CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"name": "CVE-2024-27306",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27306"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2024-8775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8775"
},
{
"name": "CVE-2026-3538",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3538"
},
{
"name": "CVE-2025-55159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55159"
},
{
"name": "CVE-2025-55132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55132"
},
{
"name": "CVE-2026-22702",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22702"
},
{
"name": "CVE-2025-46394",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"name": "CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2025-68390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68390"
},
{
"name": "CVE-2024-11079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11079"
},
{
"name": "CVE-2026-22732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22732"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2026-25210",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25210"
},
{
"name": "CVE-2026-28387",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28387"
},
{
"name": "CVE-2025-65018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
},
{
"name": "CVE-2026-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28388"
},
{
"name": "CVE-2026-40192",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
},
{
"name": "CVE-2025-66293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2026-32289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32289"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2026-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21714"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2026-4111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4111"
},
{
"name": "CVE-2026-24515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24515"
},
{
"name": "CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2024-41110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41110"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2026-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2441"
},
{
"name": "CVE-2020-14195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
},
{
"name": "CVE-2025-69228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69228"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2025-1948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1948"
},
{
"name": "CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"name": "CVE-2025-27553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27553"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2026-27888",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27888"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2026-33056",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33056"
},
{
"name": "CVE-2026-25835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25835"
},
{
"name": "CVE-2025-68160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2020-14061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2017-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7657"
},
{
"name": "CVE-2025-67735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
},
{
"name": "CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"name": "CVE-2026-0965",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0965"
},
{
"name": "CVE-2020-36242",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36242"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2022-40023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40023"
},
{
"name": "CVE-2020-11619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2026-34872",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34872"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"name": "CVE-2026-3542",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3542"
},
{
"name": "CVE-2023-49081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49081"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2026-34871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34871"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-69226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69226"
},
{
"name": "CVE-2026-3536",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3536"
},
{
"name": "CVE-2026-28390",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28390"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2024-32650",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32650"
},
{
"name": "CVE-2026-34873",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34873"
},
{
"name": "CVE-2026-6042",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6042"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2019-10172",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10172"
},
{
"name": "CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"name": "CVE-2026-0967",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0967"
},
{
"name": "CVE-2025-69418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-59466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59466"
},
{
"name": "CVE-2025-15468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
},
{
"name": "CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"name": "CVE-2026-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21713"
},
{
"name": "CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"name": "CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"name": "CVE-2026-0968",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0968"
},
{
"name": "CVE-2026-27140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
},
{
"name": "CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"name": "CVE-2024-52304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52304"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2023-5408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5408"
},
{
"name": "CVE-2025-69277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69277"
},
{
"name": "CVE-2026-25541",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25541"
},
{
"name": "CVE-2026-31789",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31789"
},
{
"name": "CVE-2026-22735",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22735"
},
{
"name": "CVE-2026-42311",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42311"
},
{
"name": "CVE-2026-20239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20239"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2026-3063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3063"
},
{
"name": "CVE-2019-0210",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0210"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-27308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27308"
},
{
"name": "CVE-2026-42310",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42310"
},
{
"name": "CVE-2026-22695",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22695"
},
{
"name": "CVE-2026-27139",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27139"
},
{
"name": "CVE-2026-20240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20240"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2019-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"name": "CVE-2025-66566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66566"
},
{
"name": "CVE-2025-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
},
{
"name": "CVE-2017-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7656"
},
{
"name": "CVE-2026-27026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27026"
},
{
"name": "CVE-2026-2673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2673"
},
{
"name": "CVE-2018-20225",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20225"
},
{
"name": "CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"name": "CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2025-14819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14819"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2026-27141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27141"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2026-1584",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1584"
},
{
"name": "CVE-2026-20238",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20238"
},
{
"name": "CVE-2024-23829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23829"
},
{
"name": "CVE-2025-59464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59464"
},
{
"name": "CVE-2025-30153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30153"
},
{
"name": "CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2025-69229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69229"
},
{
"name": "CVE-2021-35515",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
},
{
"name": "CVE-2026-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3545"
},
{
"name": "CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"name": "CVE-2026-28804",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28804"
},
{
"name": "CVE-2026-34477",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34477"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2026-2649",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2649"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2025-37731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37731"
},
{
"name": "CVE-2026-24688",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24688"
},
{
"name": "CVE-2026-32776",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32776"
},
{
"name": "CVE-2025-12183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12183"
},
{
"name": "CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"name": "CVE-2025-68119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68119"
},
{
"name": "CVE-2025-7338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7338"
},
{
"name": "CVE-2022-23491",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2026-22691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22691"
},
{
"name": "CVE-2026-27628",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27628"
},
{
"name": "CVE-2025-69420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2026-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
},
{
"name": "CVE-2020-14060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
},
{
"name": "CVE-2026-31790",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31790"
},
{
"name": "CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-14831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14831"
},
{
"name": "CVE-2024-23334",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23334"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2026-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21710"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"name": "CVE-2019-20445",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20445"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
},
{
"name": "CVE-2020-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
}
],
"initial_release_date": "2026-05-21T00:00:00",
"last_revision_date": "2026-05-21T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0627",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
"vendor_advisories": [
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0512",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0512"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0513",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0513"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0509",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0509"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0510",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0510"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0505",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0505"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0515",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0515"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0507",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0507"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0506",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0506"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0508",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0508"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0504",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0504"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0514",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0514"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0516",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0516"
},
{
"published_at": "2026-05-13",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0501",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0501"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0503",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0503"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0511",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0511"
},
{
"published_at": "2026-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0502",
"url": "https://advisory.splunk.com/advisories/SVD-2026-0502"
}
]
}
FKIE_CVE-2024-26130
Vulnerability from fkie_nvd - Published: 2024-02-21 17:15 - Updated: 2025-02-05 22:09
Severity
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55 | Patch | |
| security-advisories@github.com | https://github.com/pyca/cryptography/pull/10423 | Issue Tracking, Patch | |
| security-advisories@github.com | https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pyca/cryptography/pull/10423 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptography.io | cryptography | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptography.io:cryptography:*:*:*:*:*:python:*:*",
"matchCriteriaId": "BDAE857E-8C66-4574-88CD-615D866340CA",
"versionEndExcluding": "42.0.4",
"versionStartIncluding": "38.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised."
},
{
"lang": "es",
"value": "cryptography es un paquete manipulado para exponer recetas y primitivas criptogr\u00e1ficas a los desarrolladores de Python. A partir de la versi\u00f3n 38.0.0 y anteriores a la versi\u00f3n 42.0.4, si se llama a `pkcs12.serialize_key_and_certificates` con un certificado cuya clave p\u00fablica no coincide con la clave privada proporcionada y un `encryption_algorithm` con `hmac_hash` configurado (a trav\u00e9s de `PrivateFormat .PKCS12.encryption_builder().hmac_hash(...)`, entonces se producir\u00eda una desreferencia del puntero NULL, bloqueando el proceso de Python. Esto se resolvi\u00f3 en la versi\u00f3n 42.0.4, la primera versi\u00f3n en la que se genera correctamente un `ValueError` ."
}
],
"id": "CVE-2024-26130",
"lastModified": "2025-02-05T22:09:20.427",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-21T17:15:09.863",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"
},
{
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/pyca/cryptography/pull/10423"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/pyca/cryptography/pull/10423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-6VQW-3V5J-54X4
Vulnerability from github – Published: 2024-02-21 18:04 – Updated: 2025-02-06 18:07
VLAI
Summary
cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override
Details
If pkcs12.serialize_key_and_certificates is called with both:
- A certificate whose public key did not match the provided private key
- An
encryption_algorithmwithhmac_hashset (viaPrivateFormat.PKCS12.encryption_builder().hmac_hash(...)
Then a NULL pointer dereference would occur, crashing the Python process.
This has been resolved, and now a ValueError is properly raised.
Patched in https://github.com/pyca/cryptography/pull/10423
Severity
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "cryptography"
},
"ranges": [
{
"events": [
{
"introduced": "38.0.0"
},
{
"fixed": "42.0.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-26130"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": true,
"github_reviewed_at": "2024-02-21T18:04:40Z",
"nvd_published_at": "2024-02-21T17:15:09Z",
"severity": "HIGH"
},
"details": "If `pkcs12.serialize_key_and_certificates` is called with both:\n\n1. A certificate whose public key did not match the provided private key\n2. An `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`\n\nThen a NULL pointer dereference would occur, crashing the Python process.\n\nThis has been resolved, and now a `ValueError` is properly raised.\n\nPatched in https://github.com/pyca/cryptography/pull/10423",
"id": "GHSA-6vqw-3v5j-54x4",
"modified": "2025-02-06T18:07:25Z",
"published": "2024-02-21T18:04:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26130"
},
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/pull/10423"
},
{
"type": "WEB",
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"
},
{
"type": "PACKAGE",
"url": "https://github.com/pyca/cryptography"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2024-225.yaml"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override"
}
GSD-2024-26130
Vulnerability from gsd - Updated: 2024-02-15 06:02Details
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-26130"
],
"details": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.",
"id": "GSD-2024-26130",
"modified": "2024-02-15T06:02:25.140735Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2024-26130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cryptography",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "\u003e= 38.0.0, \u003c 42.0.4"
}
]
}
}
]
},
"vendor_name": "pyca"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-476",
"lang": "eng",
"value": "CWE-476: NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4",
"refsource": "MISC",
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"
},
{
"name": "https://github.com/pyca/cryptography/pull/10423",
"refsource": "MISC",
"url": "https://github.com/pyca/cryptography/pull/10423"
},
{
"name": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55",
"refsource": "MISC",
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"
}
]
},
"source": {
"advisory": "GHSA-6vqw-3v5j-54x4",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised."
},
{
"lang": "es",
"value": "cryptography es un paquete manipulado para exponer recetas y primitivas criptogr\u00e1ficas a los desarrolladores de Python. A partir de la versi\u00f3n 38.0.0 y anteriores a la versi\u00f3n 42.0.4, si se llama a `pkcs12.serialize_key_and_certificates` con un certificado cuya clave p\u00fablica no coincide con la clave privada proporcionada y un `encryption_algorithm` con `hmac_hash` configurado (a trav\u00e9s de `PrivateFormat .PKCS12.encryption_builder().hmac_hash(...)`, entonces se producir\u00eda una desreferencia del puntero NULL, bloqueando el proceso de Python. Esto se resolvi\u00f3 en la versi\u00f3n 42.0.4, la primera versi\u00f3n en la que se genera correctamente un `ValueError` ."
}
],
"id": "CVE-2024-26130",
"lastModified": "2024-02-22T19:07:27.197",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2024-02-21T17:15:09.863",
"references": [
{
"source": "security-advisories@github.com",
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/pyca/cryptography/pull/10423"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
}
}
}
NCSC-2024-0294
Vulnerability from csaf_ncscnl - Published: 2024-07-17 13:52 - Updated: 2024-07-17 13:52Summary
Kwetsbaarheden verholpen in Oracle Communications
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Er zijn kwetsbaarheden verholpen in Oracle Communications.
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
* Denial-of-Service (DoS)
* Toegang tot gevoelige gegevens
* Toegang tot systeemgegevens
* Manipulatie van gegevens
* (Remote) code execution (Gebruikersrechten)
Oplossingen: Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.
Kans: medium
Schade: high
CWE-681: Incorrect Conversion between Numeric Types
CWE-770: Allocation of Resources Without Limits or Throttling
CWE-787: Out-of-bounds Write
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-918: Server-Side Request Forgery (SSRF)
CWE-192: Integer Coercion Error
CWE-20: Improper Input Validation
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-222: Truncation of Security-relevant Information
CWE-284: Improper Access Control
CWE-295: Improper Certificate Validation
CWE-345: Insufficient Verification of Data Authenticity
CWE-352: Cross-Site Request Forgery (CSRF)
CWE-390: Detection of Error Condition Without Action
CWE-400: Uncontrolled Resource Consumption
CWE-404: Improper Resource Shutdown or Release
CWE-405: Asymmetric Resource Consumption (Amplification)
CWE-416: Use After Free
CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-450: Multiple Interpretations of UI Input
CWE-459: Incomplete Cleanup
CWE-476: NULL Pointer Dereference
CWE-502: Deserialization of Untrusted Data
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CWE-502
- Deserialization of Untrusted Data
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*
|
— | |
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
CWE-22
- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*
|
— | |
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*
|
— | |
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
CWE-192
- Integer Coercion Error
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*
|
— | |
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
8.8 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
CWE-404
- Improper Resource Shutdown or Release
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
5.3 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
CWE-400
- Uncontrolled Resource Consumption
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
5.9 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
6.2 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
8.8 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.4 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
8.2 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
5.9 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.4 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
CWE-770
- Allocation of Resources Without Limits or Throttling
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
5.4 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
communications_asap
oracle
|
cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*
|
— |
References
80 references
| URL | Category |
|---|---|
| https://nvd.nist.gov/vuln/detail/CVE-2019-10086 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-29425 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2021-41184 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2022-34169 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2022-42890 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2022-48174 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-24998 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-33201 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-37920 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-44487 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-46589 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-48795 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-51775 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-52425 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2023-5685 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-0450 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-22019 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-22201 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-22234 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-22257 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-22262 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-23672 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-23807 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-23897 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-24549 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-25062 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-25710 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-26130 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-26308 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-27316 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-28182 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-28752 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-28849 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-29025 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-2961 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-34064 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-34069 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-6162 | external |
| https://www.oracle.com/docs/tech/security-alerts/… | external |
| https://www.oracle.com/security-alerts/cpujul2024.html | external |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2019… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2021… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2021… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2021… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Er zijn kwetsbaarheden verholpen in Oracle Communications.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* (Remote) code execution (Gebruikersrechten)",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "general",
"text": "Incomplete Cleanup",
"title": "CWE-459"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10086"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29425"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41184"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42890"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48174"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37920"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46589"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0450"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22019"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22234"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22257"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22262"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23807"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25062"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26130"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27316"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28182"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2961"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34064"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34069"
},
{
"category": "external",
"summary": "Source - nvd",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6162"
},
{
"category": "external",
"summary": "Reference - oracle",
"url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json"
},
{
"category": "external",
"summary": "Reference - cveprojectv5; ibm; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujul2024.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Communications",
"tracking": {
"current_release_date": "2024-07-17T13:52:53.293003Z",
"id": "NCSC-2024-0294",
"initial_release_date": "2024-07-17T13:52:53.293003Z",
"revision_history": [
{
"date": "2024-07-17T13:52:53.293003Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "communications_asap",
"product": {
"name": "communications_asap",
"product_id": "CSAFPID-204629",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "communications_asap",
"product": {
"name": "communications_asap",
"product_id": "CSAFPID-816792",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10086",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-204629",
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2019-10086",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2019/CVE-2019-10086.json"
}
],
"title": "CVE-2019-10086"
},
{
"cve": "CVE-2021-29425",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-204629",
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-29425",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-29425.json"
}
],
"title": "CVE-2021-29425"
},
{
"cve": "CVE-2021-37533",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-37533",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37533.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2021-37533"
},
{
"cve": "CVE-2021-41184",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-204629",
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-41184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41184.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-204629",
"CSAFPID-816792"
]
}
],
"title": "CVE-2021-41184"
},
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"notes": [
{
"category": "other",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "other",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
}
],
"product_status": {
"known_affected": [
"CSAFPID-204629",
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-34169",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json"
}
],
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-36033",
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36033",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2022-42890",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-42890",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42890.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2022-42890"
},
{
"cve": "CVE-2022-48174",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-48174",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-48174.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2022-48174"
},
{
"cve": "CVE-2023-5685",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5685",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2023-5685"
},
{
"cve": "CVE-2023-24998",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-24998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
}
],
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-33201",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-33201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-37920",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-37920",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2023-37920"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46589",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46589",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51775",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2023-51775"
},
{
"cve": "CVE-2023-52425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52425",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2024-0450",
"cwe": {
"id": "CWE-450",
"name": "Multiple Interpretations of UI Input"
},
"notes": [
{
"category": "other",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "other",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0450",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-2961",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2961",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2961.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-6162",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6162",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-6162"
},
{
"cve": "CVE-2024-22019",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22019",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22019.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-22019"
},
{
"cve": "CVE-2024-22201",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-22201"
},
{
"cve": "CVE-2024-22234",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22234",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22234.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-22234"
},
{
"cve": "CVE-2024-22257",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22257",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-22257"
},
{
"cve": "CVE-2024-22262",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "other",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22262",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-22262"
},
{
"cve": "CVE-2024-23672",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "other",
"text": "Incomplete Cleanup",
"title": "CWE-459"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23672",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-23807",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23807",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-23807"
},
{
"cve": "CVE-2024-23897",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23897",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23897.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-23897"
},
{
"cve": "CVE-2024-24549",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-25062",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25062",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-25710",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25710",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-26130",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26130",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-26308",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26308",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-27316",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27316",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27316.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-27316"
},
{
"cve": "CVE-2024-28182",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28752",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28752",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28752.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-28752"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28849",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29025",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
}
],
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-34064",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34064",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-34069",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"notes": [
{
"category": "other",
"text": "Cross-Site Request Forgery (CSRF)",
"title": "CWE-352"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816792"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34069",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34069.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816792"
]
}
],
"title": "CVE-2024-34069"
}
]
}
NCSC-2024-0411
Vulnerability from csaf_ncscnl - Published: 2024-10-17 13:15 - Updated: 2024-10-17 13:15Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-130: Improper Handling of Length Parameter Inconsistency
CWE-208: Observable Timing Discrepancy
CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755: Improper Handling of Exceptional Conditions
CWE-834: Excessive Iteration
CWE-407: Inefficient Algorithmic Complexity
CWE-178: Improper Handling of Case Sensitivity
CWE-732: Incorrect Permission Assignment for Critical Resource
CWE-415: Double Free
CWE-311: Missing Encryption of Sensitive Data
CWE-427: Uncontrolled Search Path Element
CWE-172: Encoding Error
CWE-680: Integer Overflow to Buffer Overflow
CWE-426: Untrusted Search Path
CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116: Improper Encoding or Escaping of Output
CWE-345: Insufficient Verification of Data Authenticity
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203: Observable Discrepancy
CWE-190: Integer Overflow or Wraparound
CWE-552: Files or Directories Accessible to External Parties
CWE-639: Authorization Bypass Through User-Controlled Key
CWE-125: Out-of-bounds Read
CWE-404: Improper Resource Shutdown or Release
CWE-275: CWE-275
CWE-284: Improper Access Control
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333: Inefficient Regular Expression Complexity
CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416: Use After Free
CWE-401: Missing Release of Memory after Effective Lifetime
CWE-476: NULL Pointer Dereference
CWE-295: Improper Certificate Validation
CWE-668: Exposure of Resource to Wrong Sphere
CWE-829: Inclusion of Functionality from Untrusted Control Sphere
CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CWE-400: Uncontrolled Resource Consumption
CWE-770: Allocation of Resources Without Limits or Throttling
CWE-502: Deserialization of Untrusted Data
CWE-918: Server-Side Request Forgery (SSRF)
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787: Out-of-bounds Write
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-122: Heap-based Buffer Overflow
CWE-121: Stack-based Buffer Overflow
CWE-681: Incorrect Conversion between Numeric Types
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269: Improper Privilege Management
CWE-20: Improper Input Validation
CWE-87: Improper Neutralization of Alternate XSS Syntax
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18: CWE-18
CWE-385: Covert Timing Channel
CWE-606: Unchecked Input for Loop Condition
CWE-192: Integer Coercion Error
CWE-390: Detection of Error Condition Without Action
CWE-1325: Improperly Controlled Sequential Memory Allocation
CWE-222: Truncation of Security-relevant Information
CWE-131: Incorrect Calculation of Buffer Size
CWE-59: Improper Link Resolution Before File Access ('Link Following')
CWE-304: Missing Critical Step in Authentication
CWE-502
- Deserialization of Untrusted Data
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
application_express_administration
oracle
|
cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*
|
— | |
|
application_express_customers_plugin
oracle
|
cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*
|
— | |
|
application_express_team_calendar_plugin
oracle
|
cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data
oracle
|
cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*
|
— | |
|
oracle_goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
oracle_sql_developer
oracle
|
cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— |
8.8 (High)
Affected products
Known affected
61 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
application_express_administration
oracle
|
cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*
|
— | |
|
application_express_customers_plugin
oracle
|
cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*
|
— | |
|
application_express_team_calendar_plugin
oracle
|
cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data
oracle
|
cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*
|
— | |
|
oracle_goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
oracle_goldengate_studio
oracle
|
cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data
oracle
|
cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
application_express_administration
oracle
|
cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*
|
— | |
|
application_express_customers_plugin
oracle
|
cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*
|
— | |
|
application_express_team_calendar_plugin
oracle
|
cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*
|
— | |
|
oracle_secure_backup
oracle
|
cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*
|
— |
CWE-311
- Missing Encryption of Sensitive Data
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data
oracle
|
cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
application_express_administration
oracle
|
cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*
|
— | |
|
application_express_customers_plugin
oracle
|
cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*
|
— | |
|
application_express_team_calendar_plugin
oracle
|
cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
application_express_administration
oracle
|
cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*
|
— | |
|
application_express_customers_plugin
oracle
|
cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*
|
— | |
|
application_express_team_calendar_plugin
oracle
|
cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data
oracle
|
cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— |
7.1 (High)
Affected products
Known affected
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
oracle_nosql_database
oracle
|
cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
oracle_goldengate_studio
oracle
|
cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*
|
— | |
|
oracle_essbase
oracle
|
cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*
|
— | |
|
oracle_goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data
oracle
|
cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— |
8.8 (High)
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
CWE-122
- Heap-based Buffer Overflow
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
oracle_goldengate
oracle
|
cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*
|
— | |
|
oracle_goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
oracle_goldengate_studio
oracle
|
cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
0.0 (None)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
5.6 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
5.6 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
5.6 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
6.4 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
CWE-20
- Improper Input Validation
Affected products
Known affected
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
application_express_administration
oracle
|
cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*
|
— | |
|
application_express_customers_plugin
oracle
|
cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*
|
— | |
|
application_express_team_calendar_plugin
oracle
|
cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data
oracle
|
cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— |
CWE-20
- Improper Input Validation
Affected products
Known affected
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
application_express_administration
oracle
|
cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*
|
— | |
|
application_express_customers_plugin
oracle
|
cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*
|
— | |
|
application_express_team_calendar_plugin
oracle
|
cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data
oracle
|
cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— |
5.3 (Medium)
Affected products
Known affected
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
oracle_nosql_database
oracle
|
cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data
oracle
|
cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
43 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— |
9.1 (Critical)
Affected products
Known affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
oracle_goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
5.9 (Medium)
Affected products
Known affected
45 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*
|
— | |
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
5.9 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
9.1 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_security
oracle
|
cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
9.1 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_security
oracle
|
cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*
|
— |
CWE-1333
- Inefficient Regular Expression Complexity
6.5 (Medium)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*
|
— |
CWE-400
- Uncontrolled Resource Consumption
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
CWE-835
- Loop with Unreachable Exit Condition ('Infinite Loop')
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
CWE-20
- Improper Input Validation
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
CWE-787
- Out-of-bounds Write
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
4.3 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_xml_database
oracle
|
cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_xml_database
oracle
|
cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
database_-_xml_database
oracle
|
cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*
|
— |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_java_vm
oracle
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_java_vm
oracle
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*
|
— | |
|
database_-_java_vm
oracle
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*
|
— |
4.9 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
oracle_application_express
oracle_corporation
|
cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*
|
— |
7.1 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
5.3 (Medium)
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
CWE-476
- NULL Pointer Dereference
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
5.9 (Medium)
Affected products
Known affected
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*
|
— | |
|
autonomous_health_framework
oracle
|
cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_veridata
oracle
|
cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
|
— | |
|
sqlcl
oracle
|
cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph_mapviewer
oracle
|
cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
8.2 (High)
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*
|
— |
7.3 (High)
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning_-_micronaut
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
7.3 (High)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
7.3 (High)
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
— | |
|
sql_developer
oracle
|
cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*
|
— | |
|
goldengate_stream_analytics
oracle
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
fleet_patching_and_provisioning
oracle
|
cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*
|
— | |
|
management_pack_for__goldengate
oracle
|
cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*
|
— | |
|
goldengate
oracle
|
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_big_data_and_application_adapters
oracle
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*
|
— | |
|
goldengate_studio
oracle
|
cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
|
— | |
|
graalvm_for_jdk
oracle
|
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*
|
— | |
|
nosql_database
oracle
|
cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
6.5 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_grid
oracle
|
cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*
|
— | |
|
database_-_grid
oracle
|
cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
7.1 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
CWE-77
- Improper Neutralization of Special Elements used in a Command ('Command Injection')
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
9.1 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_security
oracle
|
cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*
|
— | |
|
database_-_security
oracle
|
cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
database_-_security
oracle
|
cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*
|
— |
9.1 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_security
oracle
|
cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*
|
— | |
|
database_-_security
oracle
|
cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
database_-_security
oracle
|
cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*
|
— |
7.1 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
blockchain_platform
oracle
|
cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
9.1 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*
|
— |
10.0 (Critical)
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*
|
— | |
|
spatial_and_graph
oracle
|
cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*
|
— | |
|
secure_backup
oracle
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*
|
— | |
|
essbase
oracle
|
cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*
|
— | |
|
database_-_core
oracle
|
cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*
|
— |
7.3 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*
|
— | |
|
application_express
oracle
|
cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*
|
— |
References
105 references
| URL | Category |
|---|---|
| https://www.oracle.com/security-alerts/cpuoct2024.html | external |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "general",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "general",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "general",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "general",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Observable Discrepancy",
"title": "CWE-203"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CWE-275",
"title": "CWE-275"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Exposure of Resource to Wrong Sphere",
"title": "CWE-668"
},
{
"category": "general",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
},
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CWE-18",
"title": "CWE-18"
},
{
"category": "general",
"text": "Covert Timing Channel",
"title": "CWE-385"
},
{
"category": "general",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "general",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Improperly Controlled Sequential Memory Allocation",
"title": "CWE-1325"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "general",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "general",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Database producten",
"tracking": {
"current_release_date": "2024-10-17T13:15:19.595269Z",
"id": "NCSC-2024-0411",
"initial_release_date": "2024-10-17T13:15:19.595269Z",
"revision_history": [
{
"date": "2024-10-17T13:15:19.595269Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "database_-_grid",
"product": {
"name": "database_-_grid",
"product_id": "CSAFPID-1673504",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_grid",
"product": {
"name": "database_-_grid",
"product_id": "CSAFPID-1673506",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_core",
"product": {
"name": "database_-_core",
"product_id": "CSAFPID-1673386",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_core",
"product": {
"name": "database_-_core",
"product_id": "CSAFPID-1673385",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_core",
"product": {
"name": "database_-_core",
"product_id": "CSAFPID-1673442",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_security",
"product": {
"name": "database_-_security",
"product_id": "CSAFPID-1673507",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_security",
"product": {
"name": "database_-_security",
"product_id": "CSAFPID-1673509",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_security",
"product": {
"name": "database_-_security",
"product_id": "CSAFPID-1673508",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph_mapviewer",
"product": {
"name": "spatial_and_graph_mapviewer",
"product_id": "CSAFPID-912561",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-764250",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-1673511",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-1673512",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-816800",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-1673529",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fleet_patching_and_provisioning_-_micronaut",
"product": {
"name": "fleet_patching_and_provisioning_-_micronaut",
"product_id": "CSAFPID-1673492",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fleet_patching_and_provisioning",
"product": {
"name": "fleet_patching_and_provisioning",
"product_id": "CSAFPID-1503603",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_xml_database",
"product": {
"name": "database_-_xml_database",
"product_id": "CSAFPID-1673445",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_xml_database",
"product": {
"name": "database_-_xml_database",
"product_id": "CSAFPID-1673443",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_xml_database",
"product": {
"name": "database_-_xml_database",
"product_id": "CSAFPID-1673444",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_java_vm",
"product": {
"name": "database_-_java_vm",
"product_id": "CSAFPID-1673451",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_java_vm",
"product": {
"name": "database_-_java_vm",
"product_id": "CSAFPID-1673450",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_java_vm",
"product": {
"name": "database_-_java_vm",
"product_id": "CSAFPID-1673452",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-816798",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-816799",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-1673525",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912046",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-1503299",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816855",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816361",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912045",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-1503302",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912044",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-1503306",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816852",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912600",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816853",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912601",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816854",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sqlcl",
"product": {
"name": "sqlcl",
"product_id": "CSAFPID-816801",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sqlcl",
"product": {
"name": "sqlcl",
"product_id": "CSAFPID-1673405",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express_administration",
"product": {
"name": "application_express_administration",
"product_id": "CSAFPID-764731",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express_customers_plugin",
"product": {
"name": "application_express_customers_plugin",
"product_id": "CSAFPID-764732",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express_team_calendar_plugin",
"product": {
"name": "application_express_team_calendar_plugin",
"product_id": "CSAFPID-764733",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-266119",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1673510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1503575",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1673188",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-765238",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-765239",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "blockchain_platform",
"product": {
"name": "blockchain_platform",
"product_id": "CSAFPID-764779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "blockchain_platform",
"product": {
"name": "blockchain_platform",
"product_id": "CSAFPID-89587",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-765259",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-187448",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-94075",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-220886",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-611394",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-816317",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-912567",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-1503612",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-1673479",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_essbase",
"product": {
"name": "oracle_essbase",
"product_id": "CSAFPID-1650506",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-816845",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1650825",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1673404",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1650831",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data",
"product": {
"name": "goldengate_big_data",
"product_id": "CSAFPID-764274",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-764752",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-1673384",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-220192",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-220193",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_studio",
"product": {
"name": "goldengate_studio",
"product_id": "CSAFPID-816846",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_studio",
"product": {
"name": "goldengate_studio",
"product_id": "CSAFPID-611390",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_studio",
"product": {
"name": "goldengate_studio",
"product_id": "CSAFPID-764803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_veridata",
"product": {
"name": "goldengate_veridata",
"product_id": "CSAFPID-764275",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-342816",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-485902",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503736",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-219912",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503739",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503738",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_goldengate_stream_analytics",
"product": {
"name": "oracle_goldengate_stream_analytics",
"product_id": "CSAFPID-1650515",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "management_pack_for__goldengate",
"product": {
"name": "management_pack_for__goldengate",
"product_id": "CSAFPID-764861",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "management_pack_for__goldengate",
"product": {
"name": "management_pack_for__goldengate",
"product_id": "CSAFPID-1503640",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_goldengate_studio",
"product": {
"name": "oracle_goldengate_studio",
"product_id": "CSAFPID-1650835",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_goldengate",
"product": {
"name": "oracle_goldengate",
"product_id": "CSAFPID-1650575",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764813",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1503661",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1503663",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673497",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673491",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764766",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673495",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673493",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673489",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673488",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650757",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650758",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650761",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650760",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650759",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_nosql_database",
"product": {
"name": "oracle_nosql_database",
"product_id": "CSAFPID-1650584",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_secure_backup",
"product": {
"name": "oracle_secure_backup",
"product_id": "CSAFPID-1650563",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-667692",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-345049",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-611417",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-1673422",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_sql_developer",
"product": {
"name": "oracle_sql_developer",
"product_id": "CSAFPID-1650638",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-764822",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-220643",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-816870",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-816871",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-1673397",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "oracle_application_express",
"product": {
"name": "oracle_application_express",
"product_id": "CSAFPID-1673144",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle_corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-220886",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764822",
"CSAFPID-1650515",
"CSAFPID-1650638",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-89587",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-1471",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json"
}
],
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"notes": [
{
"category": "other",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "other",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-342816",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-764861",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-219912",
"CSAFPID-765238",
"CSAFPID-765239",
"CSAFPID-765259",
"CSAFPID-667692",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-34169",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-342816",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-764861",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-219912",
"CSAFPID-765238",
"CSAFPID-765239",
"CSAFPID-765259",
"CSAFPID-667692",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-220886",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764861",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-219912",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-667692",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-1503575",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36033",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-220886",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764861",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-219912",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-667692",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-1503575",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2022-37454",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-1650563",
"CSAFPID-89587",
"CSAFPID-764861"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-37454",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-1650563",
"CSAFPID-89587",
"CSAFPID-764861"
]
}
],
"title": "CVE-2022-37454"
},
{
"cve": "CVE-2022-38136",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-38136",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json"
}
],
"title": "CVE-2022-38136"
},
{
"cve": "CVE-2022-40196",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-40196",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json"
}
],
"title": "CVE-2022-40196"
},
{
"cve": "CVE-2022-41342",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-41342",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json"
}
],
"title": "CVE-2022-41342"
},
{
"cve": "CVE-2022-42919",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-42919",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json"
}
],
"title": "CVE-2022-42919"
},
{
"cve": "CVE-2022-45061",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-45061",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-89587"
]
}
],
"title": "CVE-2022-45061"
},
{
"cve": "CVE-2022-46337",
"product_status": {
"known_affected": [
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-46337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692"
]
}
],
"title": "CVE-2022-46337"
},
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650584",
"CSAFPID-1650835",
"CSAFPID-1650506",
"CSAFPID-1650515",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-89587",
"CSAFPID-1673397",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-345049",
"CSAFPID-816801",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764250",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-2976",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650584",
"CSAFPID-1650835",
"CSAFPID-1650506",
"CSAFPID-1650515",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-89587",
"CSAFPID-1673397",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-345049",
"CSAFPID-816801",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764250",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-4043",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673405",
"CSAFPID-1673397",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4043",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673405",
"CSAFPID-1673397",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-4043"
},
{
"cve": "CVE-2023-4759",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673397",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4759",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673397",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-4759"
},
{
"cve": "CVE-2023-4863",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-342816",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4863",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json"
}
],
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-5072",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650575",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5072",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650575",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-26031",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26031",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-26031"
},
{
"cve": "CVE-2023-26551",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26551",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26551"
},
{
"cve": "CVE-2023-26552",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26552",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26552"
},
{
"cve": "CVE-2023-26553",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26553",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26553"
},
{
"cve": "CVE-2023-26554",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26554"
},
{
"cve": "CVE-2023-26555",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26555",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26555"
},
{
"cve": "CVE-2023-28484",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-816317",
"CSAFPID-764813",
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-28484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-816317",
"CSAFPID-764813",
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
}
],
"title": "CVE-2023-28484"
},
{
"cve": "CVE-2023-29469",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"product_status": {
"known_affected": [
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-816317",
"CSAFPID-89587",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764250",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-29469",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-816317",
"CSAFPID-89587",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764250",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
}
],
"title": "CVE-2023-29469"
},
{
"cve": "CVE-2023-33201",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-1650584",
"CSAFPID-1673397",
"CSAFPID-912561",
"CSAFPID-345049",
"CSAFPID-611390",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-33201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-1650584",
"CSAFPID-1673397",
"CSAFPID-912561",
"CSAFPID-345049",
"CSAFPID-611390",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-37920",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-37920",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612"
]
}
],
"title": "CVE-2023-37920"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673404",
"CSAFPID-1673384",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-39410",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673404",
"CSAFPID-1673384",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
}
],
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503603",
"CSAFPID-1503575",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503603",
"CSAFPID-1503575",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-44981",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650515",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44981",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650515",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601"
]
}
],
"title": "CVE-2023-44981"
},
{
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-45288",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650765",
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650767",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650765",
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650767",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-49083",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-49083",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "other",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51384",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51385",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2023-52425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52425",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52426",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2024-1874",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-1874",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-1874"
},
{
"cve": "CVE-2024-2408",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Discrepancy",
"title": "CWE-203"
},
{
"category": "other",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "other",
"text": "Covert Timing Channel",
"title": "CWE-385"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2408",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-2408"
},
{
"cve": "CVE-2024-2511",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improperly Controlled Sequential Memory Allocation",
"title": "CWE-1325"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2511",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-4577",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4577",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-4577"
},
{
"cve": "CVE-2024-4603",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4603",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-4741",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4741",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-5458",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5458",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-5458"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-5585",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5585",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-5585"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6119",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-6232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json"
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673529",
"CSAFPID-1673479",
"CSAFPID-1673511",
"CSAFPID-1673512"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7264",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673529",
"CSAFPID-1673479",
"CSAFPID-1673511",
"CSAFPID-1673512"
]
}
],
"title": "CVE-2024-7264"
},
{
"cve": "CVE-2024-7592",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-7592",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json"
}
],
"title": "CVE-2024-7592"
},
{
"cve": "CVE-2024-21131",
"product_status": {
"known_affected": [
"CSAFPID-1503299",
"CSAFPID-1503306",
"CSAFPID-1503302",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21131",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json"
}
],
"title": "CVE-2024-21131"
},
{
"cve": "CVE-2024-21138",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21138",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json"
}
],
"title": "CVE-2024-21138"
},
{
"cve": "CVE-2024-21140",
"product_status": {
"known_affected": [
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503299",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21140",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json"
}
],
"title": "CVE-2024-21140"
},
{
"cve": "CVE-2024-21144",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21144",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json"
}
],
"title": "CVE-2024-21144"
},
{
"cve": "CVE-2024-21145",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503299",
"CSAFPID-1503306",
"CSAFPID-1503302",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21145",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json"
}
],
"title": "CVE-2024-21145"
},
{
"cve": "CVE-2024-21147",
"product_status": {
"known_affected": [
"CSAFPID-1503306",
"CSAFPID-1503302",
"CSAFPID-1503299",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21147",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json"
}
],
"title": "CVE-2024-21147"
},
{
"cve": "CVE-2024-21233",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21233",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-21233"
},
{
"cve": "CVE-2024-21242",
"product_status": {
"known_affected": [
"CSAFPID-1673443",
"CSAFPID-1673444",
"CSAFPID-1673445"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21242",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673443",
"CSAFPID-1673444",
"CSAFPID-1673445"
]
}
],
"title": "CVE-2024-21242"
},
{
"cve": "CVE-2024-21251",
"product_status": {
"known_affected": [
"CSAFPID-1673450",
"CSAFPID-1673451",
"CSAFPID-1673452"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21251",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673450",
"CSAFPID-1673451",
"CSAFPID-1673452"
]
}
],
"title": "CVE-2024-21251"
},
{
"cve": "CVE-2024-21261",
"product_status": {
"known_affected": [
"CSAFPID-1673144",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21261",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673144",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-21261"
},
{
"cve": "CVE-2024-22018",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22018",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-22018"
},
{
"cve": "CVE-2024-22020",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22020",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-22020"
},
{
"cve": "CVE-2024-22201",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673384",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673384",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-22201"
},
{
"cve": "CVE-2024-23807",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650831",
"CSAFPID-1650825",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23807",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650831",
"CSAFPID-1650825",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-23807"
},
{
"cve": "CVE-2024-23944",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23944",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-23944"
},
{
"cve": "CVE-2024-24989",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24989",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json"
}
],
"title": "CVE-2024-24989"
},
{
"cve": "CVE-2024-24990",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24990",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-24990"
},
{
"cve": "CVE-2024-25710",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-342816",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-912046",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25710",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-342816",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-912046",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-26130",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26130",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-26308",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26308",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-27983",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27983",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-27983"
},
{
"cve": "CVE-2024-28182",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673442",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673442",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28849",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-28887",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28887",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-28887"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673488",
"CSAFPID-1673489",
"CSAFPID-1673491",
"CSAFPID-1673492",
"CSAFPID-1673493",
"CSAFPID-1673495",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29025",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673488",
"CSAFPID-1673489",
"CSAFPID-1673491",
"CSAFPID-1673492",
"CSAFPID-1673493",
"CSAFPID-1673495",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29131",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29131",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-29131"
},
{
"cve": "CVE-2024-29133",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29133",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-29133"
},
{
"cve": "CVE-2024-31079",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31079",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-31079"
},
{
"cve": "CVE-2024-32760",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32760",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-32760"
},
{
"cve": "CVE-2024-34161",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34161",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-34161"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673504",
"CSAFPID-1673506"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673504",
"CSAFPID-1673506"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-35200",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35200",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-35200"
},
{
"cve": "CVE-2024-36137",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
},
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36137",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-36137"
},
{
"cve": "CVE-2024-36138",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36138",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json"
}
],
"title": "CVE-2024-36138"
},
{
"cve": "CVE-2024-36387",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36387",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-36387"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37370",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37372",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37372",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-37372"
},
{
"cve": "CVE-2024-38356",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38356",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38356"
},
{
"cve": "CVE-2024-38357",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38357",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38357"
},
{
"cve": "CVE-2024-38472",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38472",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38472"
},
{
"cve": "CVE-2024-38473",
"cwe": {
"id": "CWE-172",
"name": "Encoding Error"
},
"notes": [
{
"category": "other",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38473",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38473"
},
{
"cve": "CVE-2024-38474",
"cwe": {
"id": "CWE-172",
"name": "Encoding Error"
},
"notes": [
{
"category": "other",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38474",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38474"
},
{
"cve": "CVE-2024-38475",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38475",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38475"
},
{
"cve": "CVE-2024-38476",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38476",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38476"
},
{
"cve": "CVE-2024-38477",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38477",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38477"
},
{
"cve": "CVE-2024-38998",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-39573",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39573",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-39573"
},
{
"cve": "CVE-2024-39884",
"cwe": {
"id": "CWE-18",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-18",
"title": "CWE-18"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39884",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-39884"
},
{
"cve": "CVE-2024-40725",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Exposure of Resource to Wrong Sphere",
"title": "CWE-668"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40725",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
}
],
"title": "CVE-2024-40725"
},
{
"cve": "CVE-2024-40898",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40898",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
}
],
"title": "CVE-2024-40898"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45490",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45491",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45801",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-45801"
}
]
}
NCSC-2024-0412
Vulnerability from csaf_ncscnl - Published: 2024-10-17 13:16 - Updated: 2024-10-17 13:16Summary
Kwetsbaarheden verholpen in Oracle Peoplesoft
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Oracle heeft kwetsbaarheden verholpen in Peoplesoft.
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service (DoS) te veroorzaken, of om toegang te krijgen tot (persoons)gevoelige gegevens in de database en deze mogelijk te manipuleren.
Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-405: Asymmetric Resource Consumption (Amplification)
CWE-450: Multiple Interpretations of UI Input
CWE-345: Insufficient Verification of Data Authenticity
CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-416: Use After Free
CWE-476: NULL Pointer Dereference
CWE-295: Improper Certificate Validation
CWE-20: Improper Input Validation
5.5 (Medium)
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_benefits_administration
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_benefits_administration:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_crm_client_management
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_crm_client_management:9.2:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft_enterprise_hcm_human_resources
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_human_resources:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_shared_components
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_shared_components:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*
|
— |
CWE-416
- Use After Free
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_human_resources
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_human_resources:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_shared_components
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_shared_components:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*
|
— |
6.2 (Medium)
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_human_resources
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_human_resources:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_shared_components
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_shared_components:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_benefits_administration
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_benefits_administration:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_crm_client_management
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_crm_client_management:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_human_resources
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_human_resources:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_shared_components
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_shared_components:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.61:*:*:*:*:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— |
4.3 (Medium)
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft_enterprise_fin_expenses
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_fin_expenses:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— |
8.8 (High)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— |
5.4 (Medium)
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft_enterprise_cc_common_application_objects
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_cc_common_application_objects:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft_enterprise_hcm_global_payroll_core
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.48-9.2.50:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— |
5.4 (Medium)
Affected products
Known affected
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft_enterprise_elm_enterprise_learning_management
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_elm_enterprise_learning_management:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft
oracle
|
cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft___9.2.50
oracle
|
cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_benefits_administration
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_benefits_administration:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_crm_client_management
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_crm_client_management:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_human_resources
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_human_resources:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_hcm_shared_components
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_shared_components:9.2:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.59:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.60:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.61:*:*:*:*:*:*:*
|
— | |
|
peoplesoft_enterprise_peopletools
oracle
|
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.61:*:*:*:*:*:*:*
|
— |
References
14 references
| URL | Category |
|---|---|
| https://www.oracle.com/security-alerts/cpuoct2024.html | external |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in Peoplesoft.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service (DoS) te veroorzaken, of om toegang te krijgen tot (persoons)gevoelige gegevens in de database en deze mogelijk te manipuleren.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
},
{
"category": "general",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Peoplesoft",
"tracking": {
"current_release_date": "2024-10-17T13:16:18.175855Z",
"id": "NCSC-2024-0412",
"initial_release_date": "2024-10-17T13:16:18.175855Z",
"revision_history": [
{
"date": "2024-10-17T13:16:18.175855Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "peoplesoft",
"product": {
"name": "peoplesoft",
"product_id": "CSAFPID-1676099",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft:8.59:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft",
"product": {
"name": "peoplesoft",
"product_id": "CSAFPID-1676097",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft:8.60:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft",
"product": {
"name": "peoplesoft",
"product_id": "CSAFPID-1676096",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft:8.61:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft",
"product": {
"name": "peoplesoft",
"product_id": "CSAFPID-1676098",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft:9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft___9.2.50",
"product": {
"name": "peoplesoft___9.2.50",
"product_id": "CSAFPID-1676100",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft___9.2.50:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_cc_common_application_objects",
"product": {
"name": "peoplesoft_enterprise_cc_common_application_objects",
"product_id": "CSAFPID-449779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_cc_common_application_objects:9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_crm_client_management",
"product": {
"name": "peoplesoft_enterprise_crm_client_management",
"product_id": "CSAFPID-912607",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_crm_client_management:9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_elm_enterprise_learning_management",
"product": {
"name": "peoplesoft_enterprise_elm_enterprise_learning_management",
"product_id": "CSAFPID-1673472",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_elm_enterprise_learning_management:9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_fin_expenses",
"product": {
"name": "peoplesoft_enterprise_fin_expenses",
"product_id": "CSAFPID-172664",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_fin_expenses:9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_benefits_administration",
"product": {
"name": "peoplesoft_enterprise_hcm_benefits_administration",
"product_id": "CSAFPID-912052",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_benefits_administration:9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673774",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673748",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.10:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673791",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.11:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.12:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673786",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.13:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673768",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673757",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673788",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673775",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.17:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673769",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.18:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673753",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.19:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673785",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673770",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.20:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673787",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.21:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673796",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673749",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.23:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673760",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673777",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.25:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673793",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.26:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673794",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.27:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673755",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.28:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.29:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.30:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673752",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.31:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673792",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.32:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673778",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.33:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673781",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.34:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673771",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.35:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673758",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.36:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673789",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.37:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673776",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.38:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673766",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.39:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673759",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673763",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.40:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673772",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.41:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673782",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.42:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673797",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.43:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673750",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.44:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673761",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.45:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673780",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.46:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673783",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.47:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673471",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.48-9.2.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673795",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.48:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673756",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.49:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673798",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673784",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.50:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673773",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673751",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673754",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product": {
"name": "peoplesoft_enterprise_hcm_global_payroll_core",
"product_id": "CSAFPID-1673790",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_global_payroll_core:9.2.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_human_resources",
"product": {
"name": "peoplesoft_enterprise_hcm_human_resources",
"product_id": "CSAFPID-172663",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_human_resources:9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_hcm_shared_components",
"product": {
"name": "peoplesoft_enterprise_hcm_shared_components",
"product_id": "CSAFPID-607590",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_hcm_shared_components:9.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools",
"product": {
"name": "peoplesoft_enterprise_peopletools",
"product_id": "CSAFPID-1682",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools",
"product": {
"name": "peoplesoft_enterprise_peopletools",
"product_id": "CSAFPID-1681",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.60:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools",
"product": {
"name": "peoplesoft_enterprise_peopletools",
"product_id": "CSAFPID-816362",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.61:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools",
"product": {
"name": "peoplesoft_enterprise_peopletools",
"product_id": "CSAFPID-1503667",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.59:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools",
"product": {
"name": "peoplesoft_enterprise_peopletools",
"product_id": "CSAFPID-1503672",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.60:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools",
"product": {
"name": "peoplesoft_enterprise_peopletools",
"product_id": "CSAFPID-1503676",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_opensearch___8.61:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools",
"product": {
"name": "peoplesoft_enterprise_peopletools",
"product_id": "CSAFPID-1503669",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.59:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools",
"product": {
"name": "peoplesoft_enterprise_peopletools",
"product_id": "CSAFPID-1503673",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.60:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "peoplesoft_enterprise_peopletools",
"product": {
"name": "peoplesoft_enterprise_peopletools",
"product_id": "CSAFPID-1503678",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:_web_server___8.61:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5752",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-816362",
"CSAFPID-912052",
"CSAFPID-912607"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5752",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5752.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-816362",
"CSAFPID-912052",
"CSAFPID-912607"
]
}
],
"title": "CVE-2023-5752"
},
{
"cve": "CVE-2023-37920",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-172663",
"CSAFPID-607590",
"CSAFPID-1503667",
"CSAFPID-1503669",
"CSAFPID-1682",
"CSAFPID-1503672",
"CSAFPID-1503673",
"CSAFPID-1681",
"CSAFPID-1503676",
"CSAFPID-1503678",
"CSAFPID-816362"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-37920",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-172663",
"CSAFPID-607590",
"CSAFPID-1503667",
"CSAFPID-1503669",
"CSAFPID-1682",
"CSAFPID-1503672",
"CSAFPID-1503673",
"CSAFPID-1681",
"CSAFPID-1503676",
"CSAFPID-1503678",
"CSAFPID-816362"
]
}
],
"title": "CVE-2023-37920"
},
{
"cve": "CVE-2024-0232",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100",
"CSAFPID-172663",
"CSAFPID-607590",
"CSAFPID-1503667",
"CSAFPID-1503669",
"CSAFPID-1682",
"CSAFPID-1503672",
"CSAFPID-1503673",
"CSAFPID-1681",
"CSAFPID-1503676",
"CSAFPID-1503678",
"CSAFPID-816362"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0232.json"
}
],
"title": "CVE-2024-0232"
},
{
"cve": "CVE-2024-0450",
"cwe": {
"id": "CWE-450",
"name": "Multiple Interpretations of UI Input"
},
"notes": [
{
"category": "other",
"text": "Multiple Interpretations of UI Input",
"title": "CWE-450"
},
{
"category": "other",
"text": "Asymmetric Resource Consumption (Amplification)",
"title": "CWE-405"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100",
"CSAFPID-172663",
"CSAFPID-607590",
"CSAFPID-1503667",
"CSAFPID-1503669",
"CSAFPID-1682",
"CSAFPID-1503672",
"CSAFPID-1503673",
"CSAFPID-1681",
"CSAFPID-1503676",
"CSAFPID-1503678",
"CSAFPID-816362"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0450",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100",
"CSAFPID-172663",
"CSAFPID-607590",
"CSAFPID-1503667",
"CSAFPID-1503669",
"CSAFPID-1682",
"CSAFPID-1503672",
"CSAFPID-1503673",
"CSAFPID-1681",
"CSAFPID-1503676",
"CSAFPID-1503678",
"CSAFPID-816362"
]
}
],
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-0727",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-816362",
"CSAFPID-912052",
"CSAFPID-912607",
"CSAFPID-172663",
"CSAFPID-607590",
"CSAFPID-1503667",
"CSAFPID-1503669",
"CSAFPID-1503672",
"CSAFPID-1503673",
"CSAFPID-1503676",
"CSAFPID-1503678"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0727",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-816362",
"CSAFPID-912052",
"CSAFPID-912607",
"CSAFPID-172663",
"CSAFPID-607590",
"CSAFPID-1503667",
"CSAFPID-1503669",
"CSAFPID-1503672",
"CSAFPID-1503673",
"CSAFPID-1503676",
"CSAFPID-1503678"
]
}
],
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-21202",
"product_status": {
"known_affected": [
"CSAFPID-816362",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21202",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21202.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816362",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
}
],
"title": "CVE-2024-21202"
},
{
"cve": "CVE-2024-21214",
"product_status": {
"known_affected": [
"CSAFPID-816362",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21214",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21214.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816362",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
}
],
"title": "CVE-2024-21214"
},
{
"cve": "CVE-2024-21249",
"product_status": {
"known_affected": [
"CSAFPID-172664",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21249",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21249.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-172664",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
}
],
"title": "CVE-2024-21249"
},
{
"cve": "CVE-2024-21255",
"product_status": {
"known_affected": [
"CSAFPID-816362",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21255",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21255.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816362",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
}
],
"title": "CVE-2024-21255"
},
{
"cve": "CVE-2024-21264",
"product_status": {
"known_affected": [
"CSAFPID-449779",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21264",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21264.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-449779",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
}
],
"title": "CVE-2024-21264"
},
{
"cve": "CVE-2024-21283",
"product_status": {
"known_affected": [
"CSAFPID-1673471",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21283",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21283.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673471",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
}
],
"title": "CVE-2024-21283"
},
{
"cve": "CVE-2024-21286",
"product_status": {
"known_affected": [
"CSAFPID-1673472",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21286.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673472",
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100"
]
}
],
"title": "CVE-2024-21286"
},
{
"cve": "CVE-2024-26130",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-816362",
"CSAFPID-912052",
"CSAFPID-912607",
"CSAFPID-172663",
"CSAFPID-607590",
"CSAFPID-1503667",
"CSAFPID-1503669",
"CSAFPID-1503672",
"CSAFPID-1503673",
"CSAFPID-1503676",
"CSAFPID-1503678"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26130",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1676096",
"CSAFPID-1676097",
"CSAFPID-1676098",
"CSAFPID-1676099",
"CSAFPID-1676100",
"CSAFPID-1681",
"CSAFPID-1682",
"CSAFPID-816362",
"CSAFPID-912052",
"CSAFPID-912607",
"CSAFPID-172663",
"CSAFPID-607590",
"CSAFPID-1503667",
"CSAFPID-1503669",
"CSAFPID-1503672",
"CSAFPID-1503673",
"CSAFPID-1503676",
"CSAFPID-1503678"
]
}
],
"title": "CVE-2024-26130"
}
]
}
NCSC-2025-0028
Vulnerability from csaf_ncscnl - Published: 2025-01-22 13:36 - Updated: 2025-01-22 13:36Summary
Kwetsbaarheden verholpen in Oracle Analytics
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.
Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-416: Use After Free
CWE-476: NULL Pointer Dereference
CWE-400: Uncontrolled Resource Consumption
CWE-770: Allocation of Resources Without Limits or Throttling
CWE-502: Deserialization of Untrusted Data
CWE-248: Uncaught Exception
CWE-674: Uncontrolled Recursion
CWE-611: Improper Restriction of XML External Entity Reference
CWE-787: Out-of-bounds Write
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-789: Memory Allocation with Excessive Size Value
CWE-20: Improper Input Validation
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-1395: Dependency on Vulnerable Third-Party Component
CWE-670: Always-Incorrect Control Flow Implementation
CWE-399: CWE-399
CWE-326: Inadequate Encryption Strength
CWE-669: Incorrect Resource Transfer Between Spheres
CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-834: Excessive Iteration
CWE-311: Missing Encryption of Sensitive Data
CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-125: Out-of-bounds Read
CWE-404: Improper Resource Shutdown or Release
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333: Inefficient Regular Expression Complexity
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.3.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.3.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_storage_service_integration___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
5.3 (Medium)
Affected products
Known affected
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:5.9.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.3.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.3.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_storage_service_integration___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
9.1 (Critical)
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:5.9.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.3.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.3.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_storage_service_integration___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.5.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
CWE-248
- Uncaught Exception
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
8.6 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
CWE-404
- Improper Resource Shutdown or Release
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:prior_to_7.8.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
4.4 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— |
8.2 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
CWE-416
- Use After Free
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
— |
9.1 (Critical)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
8.2 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
6.1 (Medium)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.5 (High)
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.3 (High)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
— |
8.1 (High)
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
— |
5.4 (Medium)
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence_enterprise_edition
oracle
|
cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
5.7 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
8.6 (High)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
4.4 (Medium)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
8.0 (High)
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
— |
5.9 (Medium)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*
|
— | |
|
bi_publisher
oracle
|
cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*
|
— |
9.8 (Critical)
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*
|
— | |
|
business_intelligence
oracle
|
cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*
|
— |
7.8 (High)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
analytics_desktop
oracle
|
cpe:2.3:a:oracle:analytics_desktop:prior_to_8.1.0:*:*:*:*:*:*:*
|
— |
References
40 references
| URL | Category |
|---|---|
| https://www.oracle.com/security-alerts/cpujan2025.html | external |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2016… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2020… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2020… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2020… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2020… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2021… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2021… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2022… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2023… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2024… | self |
| https://api.ncsc.nl/velma/v1/vulnerabilities/2025… | self |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Uncaught Exception",
"title": "CWE-248"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Memory Allocation with Excessive Size Value",
"title": "CWE-789"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
},
{
"category": "general",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
},
{
"category": "general",
"text": "CWE-399",
"title": "CWE-399"
},
{
"category": "general",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Analytics",
"tracking": {
"current_release_date": "2025-01-22T13:36:58.196605Z",
"id": "NCSC-2025-0028",
"initial_release_date": "2025-01-22T13:36:58.196605Z",
"revision_history": [
{
"date": "2025-01-22T13:36:58.196605Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "business_intelligence",
"product": {
"name": "business_intelligence",
"product_id": "CSAFPID-1503296",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence",
"product": {
"name": "business_intelligence",
"product_id": "CSAFPID-220360",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:enterprise:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence",
"product": {
"name": "business_intelligence",
"product_id": "CSAFPID-135810",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence",
"product": {
"name": "business_intelligence",
"product_id": "CSAFPID-219994",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:enterprise:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence",
"product": {
"name": "business_intelligence",
"product_id": "CSAFPID-219817",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:6.4.0.0.0:enterprise:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence",
"product": {
"name": "business_intelligence",
"product_id": "CSAFPID-1503297",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence",
"product": {
"name": "business_intelligence",
"product_id": "CSAFPID-257324",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence",
"product": {
"name": "business_intelligence",
"product_id": "CSAFPID-1503298",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence",
"product": {
"name": "business_intelligence",
"product_id": "CSAFPID-1650736",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-765384",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764234",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-765387",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764778",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764929",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764235",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764930",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764236",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-1503574",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-1503573",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-765388",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___5.9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764727",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764729",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-765383",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-765385",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-765389",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___5.9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764725",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764728",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764730",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-764726",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "business_intelligence_enterprise_edition",
"product": {
"name": "business_intelligence_enterprise_edition",
"product_id": "CSAFPID-765386",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_storage_service_integration___12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bi_publisher",
"product": {
"name": "bi_publisher",
"product_id": "CSAFPID-9197",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bi_publisher",
"product": {
"name": "bi_publisher",
"product_id": "CSAFPID-9493",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bi_publisher",
"product": {
"name": "bi_publisher",
"product_id": "CSAFPID-220546",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bi_publisher",
"product": {
"name": "bi_publisher",
"product_id": "CSAFPID-228391",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bi_publisher",
"product": {
"name": "bi_publisher",
"product_id": "CSAFPID-220545",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bi_publisher",
"product": {
"name": "bi_publisher",
"product_id": "CSAFPID-220560",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bi_publisher",
"product": {
"name": "bi_publisher",
"product_id": "CSAFPID-1673195",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-816763",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-816761",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-816762",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-1751172",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:8.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-1650735",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:prior_to_7.8.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "analytics_desktop",
"product": {
"name": "analytics_desktop",
"product_id": "CSAFPID-1751157",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:analytics_desktop:prior_to_8.1.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10000",
"references": [
{
"category": "self",
"summary": "CVE-2016-10000",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2016/CVE-2016-10000.json"
}
],
"title": "CVE-2016-10000"
},
{
"cve": "CVE-2020-2849",
"product_status": {
"known_affected": [
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-2849",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-2849.json"
}
],
"title": "CVE-2020-2849"
},
{
"cve": "CVE-2020-7760",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764235",
"CSAFPID-764236",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-765383",
"CSAFPID-765384",
"CSAFPID-765385",
"CSAFPID-765386",
"CSAFPID-765387",
"CSAFPID-765388",
"CSAFPID-765389",
"CSAFPID-764778",
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-7760",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-7760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-9493",
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764235",
"CSAFPID-764236",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-765383",
"CSAFPID-765384",
"CSAFPID-765385",
"CSAFPID-765386",
"CSAFPID-765387",
"CSAFPID-765388",
"CSAFPID-765389",
"CSAFPID-764778",
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763",
"CSAFPID-257324"
]
}
],
"title": "CVE-2020-7760"
},
{
"cve": "CVE-2020-13956",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764235",
"CSAFPID-764236",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-228391",
"CSAFPID-764778",
"CSAFPID-220546",
"CSAFPID-9197",
"CSAFPID-764929",
"CSAFPID-764930",
"CSAFPID-765383",
"CSAFPID-765384",
"CSAFPID-765385",
"CSAFPID-765386",
"CSAFPID-765387",
"CSAFPID-765388",
"CSAFPID-765389",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-1503574",
"CSAFPID-257324",
"CSAFPID-135810"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-13956",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13956.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-9493",
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764235",
"CSAFPID-764236",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-228391",
"CSAFPID-764778",
"CSAFPID-220546",
"CSAFPID-9197",
"CSAFPID-764929",
"CSAFPID-764930",
"CSAFPID-765383",
"CSAFPID-765384",
"CSAFPID-765385",
"CSAFPID-765386",
"CSAFPID-765387",
"CSAFPID-765388",
"CSAFPID-765389",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-1503574",
"CSAFPID-257324",
"CSAFPID-135810"
]
}
],
"title": "CVE-2020-13956"
},
{
"cve": "CVE-2020-28975",
"product_status": {
"known_affected": [
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-28975",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-28975.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-257324"
]
}
],
"title": "CVE-2020-28975"
},
{
"cve": "CVE-2021-23926",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764234",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764235",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-764236",
"CSAFPID-9493",
"CSAFPID-764778",
"CSAFPID-228391",
"CSAFPID-135810",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-220546",
"CSAFPID-9197",
"CSAFPID-764929",
"CSAFPID-764930"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-23926",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-23926.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764234",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764235",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-764236",
"CSAFPID-9493",
"CSAFPID-764778",
"CSAFPID-228391",
"CSAFPID-135810",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-220546",
"CSAFPID-9197",
"CSAFPID-764929",
"CSAFPID-764930"
]
}
],
"title": "CVE-2021-23926"
},
{
"cve": "CVE-2021-33813",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764234",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764235",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-764236",
"CSAFPID-9197",
"CSAFPID-9493",
"CSAFPID-228391",
"CSAFPID-764778",
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763",
"CSAFPID-765383",
"CSAFPID-765384",
"CSAFPID-765385",
"CSAFPID-765386",
"CSAFPID-765387",
"CSAFPID-765388",
"CSAFPID-765389",
"CSAFPID-135810"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-33813",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33813.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764234",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764235",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-764236",
"CSAFPID-9197",
"CSAFPID-9493",
"CSAFPID-228391",
"CSAFPID-764778",
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763",
"CSAFPID-765383",
"CSAFPID-765384",
"CSAFPID-765385",
"CSAFPID-765386",
"CSAFPID-765387",
"CSAFPID-765388",
"CSAFPID-765389",
"CSAFPID-135810"
]
}
],
"title": "CVE-2021-33813"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764234",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764235",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-764236",
"CSAFPID-9493",
"CSAFPID-764778",
"CSAFPID-228391",
"CSAFPID-135810",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-40150",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40150.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764234",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764235",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-764236",
"CSAFPID-9493",
"CSAFPID-764778",
"CSAFPID-228391",
"CSAFPID-135810",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574"
]
}
],
"title": "CVE-2022-40150"
},
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "other",
"text": "Creation of Temporary File in Directory with Insecure Permissions",
"title": "CWE-379"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763",
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764235",
"CSAFPID-764236",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-2976",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-9493",
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763",
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764235",
"CSAFPID-764236",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-4785",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"notes": [
{
"category": "other",
"text": "Uncaught Exception",
"title": "CWE-248"
}
],
"product_status": {
"known_affected": [
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4785",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4785.json"
}
],
"title": "CVE-2023-4785"
},
{
"cve": "CVE-2023-7272",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-7272",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7272.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-7272"
},
{
"cve": "CVE-2023-24998",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-399",
"title": "CWE-399"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764235",
"CSAFPID-764236",
"CSAFPID-764778",
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763",
"CSAFPID-764725",
"CSAFPID-764726",
"CSAFPID-764727",
"CSAFPID-764728",
"CSAFPID-764729",
"CSAFPID-764730",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-135810"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-24998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
}
],
"title": "CVE-2023-24998"
},
{
"cve": "CVE-2023-25399",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650736",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-25399",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-25399.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650736",
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-25399"
},
{
"cve": "CVE-2023-29824",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650736",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-29824",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29824.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650736",
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-29824"
},
{
"cve": "CVE-2023-32732",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"notes": [
{
"category": "other",
"text": "Expected Behavior Violation",
"title": "CWE-440"
}
],
"product_status": {
"known_affected": [
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-32732",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32732.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-32732"
},
{
"cve": "CVE-2023-33202",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650735",
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-33202",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33202.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650735",
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-33202"
},
{
"cve": "CVE-2023-33953",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "Memory Allocation with Excessive Size Value",
"title": "CWE-789"
}
],
"product_status": {
"known_affected": [
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-33953",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33953.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-33953"
},
{
"cve": "CVE-2023-43804",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-43804",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43804.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-43804"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764235",
"CSAFPID-764236",
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-9493",
"CSAFPID-220545",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764235",
"CSAFPID-764236",
"CSAFPID-816761",
"CSAFPID-816762",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45803",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-45803",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45803.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-45803"
},
{
"cve": "CVE-2023-50782",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "other",
"text": "Observable Discrepancy",
"title": "CWE-203"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-50782",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50782.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-257324"
]
}
],
"title": "CVE-2023-50782"
},
{
"cve": "CVE-2024-0727",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-135810",
"CSAFPID-1650736",
"CSAFPID-257324",
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-0727",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-135810",
"CSAFPID-1650736",
"CSAFPID-257324",
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574"
]
}
],
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-1135",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-1135",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1135.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-1135"
},
{
"cve": "CVE-2024-4741",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-1503574",
"CSAFPID-1650736",
"CSAFPID-257324",
"CSAFPID-135810"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4741",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json"
}
],
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Dependency on Vulnerable Third-Party Component",
"title": "CWE-1395"
}
],
"product_status": {
"known_affected": [
"CSAFPID-135810",
"CSAFPID-1650736",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-135810",
"CSAFPID-1650736",
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220560",
"CSAFPID-1673195",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7254",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-220560",
"CSAFPID-1673195",
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-22195",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22195",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22195.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-22195"
},
{
"cve": "CVE-2024-26130",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26130",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-9493",
"CSAFPID-220560",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-1503574",
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-1503574",
"CSAFPID-220560",
"CSAFPID-1673195"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29025",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-1503574",
"CSAFPID-220560",
"CSAFPID-1673195"
]
}
],
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29131",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-257324",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-1503574",
"CSAFPID-1650736"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29131",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-257324",
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-1503574",
"CSAFPID-1650736"
]
}
],
"title": "CVE-2024-29131"
},
{
"cve": "CVE-2024-34064",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-1503574",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34064",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-816763",
"CSAFPID-1503573",
"CSAFPID-765385",
"CSAFPID-764234",
"CSAFPID-764236",
"CSAFPID-1503574",
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-35195",
"cwe": {
"id": "CWE-670",
"name": "Always-Incorrect Control Flow Implementation"
},
"notes": [
{
"category": "other",
"text": "Always-Incorrect Control Flow Implementation",
"title": "CWE-670"
}
],
"product_status": {
"known_affected": [
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35195",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-36114",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650736",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36114",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650736",
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-36114"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38809",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220560",
"CSAFPID-1673195",
"CSAFPID-1650736",
"CSAFPID-257324",
"CSAFPID-135810"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38809",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-220560",
"CSAFPID-1673195",
"CSAFPID-1650736",
"CSAFPID-257324",
"CSAFPID-135810"
]
}
],
"title": "CVE-2024-38809"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220560",
"CSAFPID-1673195"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-220560",
"CSAFPID-1673195"
]
}
],
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-43382",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Inadequate Encryption Strength",
"title": "CWE-326"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220560",
"CSAFPID-1673195"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-43382",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43382.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-220560",
"CSAFPID-1673195"
]
}
],
"title": "CVE-2024-43382"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650736",
"CSAFPID-257324"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650736",
"CSAFPID-257324"
]
}
],
"title": "CVE-2024-47561"
},
{
"cve": "CVE-2025-21532",
"product_status": {
"known_affected": [
"CSAFPID-1751157"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21532",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21532.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1751157"
]
}
],
"title": "CVE-2025-21532"
}
]
}
OPENSUSE-SU-2024:13710-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
python310-cryptography-42.0.4-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: python310-cryptography-42.0.4-1.1 on GA media
Description of the patch: These are all security issues fixed in the python310-cryptography-42.0.4-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13710
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.2 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python310-cryptography-42.0.4-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python310-cryptography-42.0.4-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13710",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13710-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26130 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26130/"
}
],
"title": "python310-cryptography-42.0.4-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13710-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python310-cryptography-42.0.4-1.1.aarch64",
"product": {
"name": "python310-cryptography-42.0.4-1.1.aarch64",
"product_id": "python310-cryptography-42.0.4-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-cryptography-42.0.4-1.1.aarch64",
"product": {
"name": "python311-cryptography-42.0.4-1.1.aarch64",
"product_id": "python311-cryptography-42.0.4-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-cryptography-42.0.4-1.1.aarch64",
"product": {
"name": "python312-cryptography-42.0.4-1.1.aarch64",
"product_id": "python312-cryptography-42.0.4-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python39-cryptography-42.0.4-1.1.aarch64",
"product": {
"name": "python39-cryptography-42.0.4-1.1.aarch64",
"product_id": "python39-cryptography-42.0.4-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-cryptography-42.0.4-1.1.ppc64le",
"product": {
"name": "python310-cryptography-42.0.4-1.1.ppc64le",
"product_id": "python310-cryptography-42.0.4-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-cryptography-42.0.4-1.1.ppc64le",
"product": {
"name": "python311-cryptography-42.0.4-1.1.ppc64le",
"product_id": "python311-cryptography-42.0.4-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-cryptography-42.0.4-1.1.ppc64le",
"product": {
"name": "python312-cryptography-42.0.4-1.1.ppc64le",
"product_id": "python312-cryptography-42.0.4-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python39-cryptography-42.0.4-1.1.ppc64le",
"product": {
"name": "python39-cryptography-42.0.4-1.1.ppc64le",
"product_id": "python39-cryptography-42.0.4-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-cryptography-42.0.4-1.1.s390x",
"product": {
"name": "python310-cryptography-42.0.4-1.1.s390x",
"product_id": "python310-cryptography-42.0.4-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-cryptography-42.0.4-1.1.s390x",
"product": {
"name": "python311-cryptography-42.0.4-1.1.s390x",
"product_id": "python311-cryptography-42.0.4-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-cryptography-42.0.4-1.1.s390x",
"product": {
"name": "python312-cryptography-42.0.4-1.1.s390x",
"product_id": "python312-cryptography-42.0.4-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python39-cryptography-42.0.4-1.1.s390x",
"product": {
"name": "python39-cryptography-42.0.4-1.1.s390x",
"product_id": "python39-cryptography-42.0.4-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-cryptography-42.0.4-1.1.x86_64",
"product": {
"name": "python310-cryptography-42.0.4-1.1.x86_64",
"product_id": "python310-cryptography-42.0.4-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-cryptography-42.0.4-1.1.x86_64",
"product": {
"name": "python311-cryptography-42.0.4-1.1.x86_64",
"product_id": "python311-cryptography-42.0.4-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-cryptography-42.0.4-1.1.x86_64",
"product": {
"name": "python312-cryptography-42.0.4-1.1.x86_64",
"product_id": "python312-cryptography-42.0.4-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python39-cryptography-42.0.4-1.1.x86_64",
"product": {
"name": "python39-cryptography-42.0.4-1.1.x86_64",
"product_id": "python39-cryptography-42.0.4-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-cryptography-42.0.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.aarch64"
},
"product_reference": "python310-cryptography-42.0.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-cryptography-42.0.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.ppc64le"
},
"product_reference": "python310-cryptography-42.0.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-cryptography-42.0.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.s390x"
},
"product_reference": "python310-cryptography-42.0.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-cryptography-42.0.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.x86_64"
},
"product_reference": "python310-cryptography-42.0.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-cryptography-42.0.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.aarch64"
},
"product_reference": "python311-cryptography-42.0.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-cryptography-42.0.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.ppc64le"
},
"product_reference": "python311-cryptography-42.0.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-cryptography-42.0.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.s390x"
},
"product_reference": "python311-cryptography-42.0.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-cryptography-42.0.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.x86_64"
},
"product_reference": "python311-cryptography-42.0.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-cryptography-42.0.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.aarch64"
},
"product_reference": "python312-cryptography-42.0.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-cryptography-42.0.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.ppc64le"
},
"product_reference": "python312-cryptography-42.0.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-cryptography-42.0.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.s390x"
},
"product_reference": "python312-cryptography-42.0.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-cryptography-42.0.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.x86_64"
},
"product_reference": "python312-cryptography-42.0.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-cryptography-42.0.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.aarch64"
},
"product_reference": "python39-cryptography-42.0.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-cryptography-42.0.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.ppc64le"
},
"product_reference": "python39-cryptography-42.0.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-cryptography-42.0.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.s390x"
},
"product_reference": "python39-cryptography-42.0.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-cryptography-42.0.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.x86_64"
},
"product_reference": "python39-cryptography-42.0.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-26130",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26130"
}
],
"notes": [
{
"category": "general",
"text": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.x86_64",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.x86_64",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.x86_64",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26130",
"url": "https://www.suse.com/security/cve/CVE-2024-26130"
},
{
"category": "external",
"summary": "SUSE Bug 1220210 for CVE-2024-26130",
"url": "https://bugzilla.suse.com/1220210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.x86_64",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.x86_64",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.x86_64",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python310-cryptography-42.0.4-1.1.x86_64",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python311-cryptography-42.0.4-1.1.x86_64",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python312-cryptography-42.0.4-1.1.x86_64",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.aarch64",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.ppc64le",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.s390x",
"openSUSE Tumbleweed:python39-cryptography-42.0.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-26130"
}
]
}
PYSEC-2024-225
Vulnerability from pysec - Published: 2024-02-21 17:15 - Updated: 2025-02-06 00:34
VLAI
Details
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if pkcs12.serialize_key_and_certificates is called with both a certificate whose public key did not match the provided private key and an encryption_algorithm with hmac_hash set (via PrivateFormat.PKCS12.encryption_builder().hmac_hash(...), then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a ValueError is properly raised.
Severity
7.5 (High)
Impacted products
| Name | purl | cryptography | pkg:pypi/cryptography |
|---|
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "cryptography",
"purl": "pkg:pypi/cryptography"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "97d231672763cdb5959a3b191e692a362f1b9e55"
}
],
"repo": "https://github.com/pyca/cryptography",
"type": "GIT"
},
{
"events": [
{
"introduced": "38.0.0"
},
{
"fixed": "42.0.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"38.0.0",
"38.0.1",
"38.0.2",
"38.0.3",
"38.0.4",
"39.0.0",
"39.0.1",
"39.0.2",
"40.0.0",
"40.0.1",
"40.0.2",
"41.0.0",
"41.0.1",
"41.0.2",
"41.0.3",
"41.0.4",
"41.0.5",
"41.0.6",
"41.0.7",
"42.0.0",
"42.0.1",
"42.0.2",
"42.0.3"
]
}
],
"aliases": [
"CVE-2024-26130",
"GHSA-6vqw-3v5j-54x4"
],
"details": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and prior to version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.",
"id": "PYSEC-2024-225",
"modified": "2025-02-06T00:34:24.427679+00:00",
"published": "2024-02-21T17:15:09+00:00",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/pyca/cryptography/security/advisories/GHSA-6vqw-3v5j-54x4"
},
{
"type": "FIX",
"url": "https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55"
},
{
"type": "FIX",
"url": "https://github.com/pyca/cryptography/pull/10423"
},
{
"type": "REPORT",
"url": "https://github.com/pyca/cryptography/pull/10423"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-6vqw-3v5j-54x4"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…