Vulnerability-Lookup

CVE-2024-38820 (GCVE-0-2024-38820)

Vulnerability from cvelistv5 – Published: 2024-10-18 05:39 – Updated: 2024-11-29 12:04

Title

CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception

Summary

The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.

Severity

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-178 - Improper Handling of Case Sensitivity

Assigner

vmware

References

2 references

URL	Tags
https://spring.io/security/cve-2024-38820
https://security.netapp.com/advisory/ntap-2024112…

Impacted products

1 product

Vendor	Product	Version
VMware	Spring	Affected: 5.3.x , < 5.3.41 (Enterprise Support Only) Affected: 6.0.x , < 6.0.25 (Enterprise Support Only) Affected: 6.1.x , < 6.1.14 (OSS)

Date Public

2024-10-17 05:32

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38820",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-18T16:33:48.971617Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-178",
                "description": "CWE-178 Improper Handling of Case Sensitivity",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T20:15:24.631Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-29T12:04:41.387Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20241129-0003/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "packageName": "Spring Framework",
          "product": "Spring",
          "vendor": "VMware",
          "versions": [
            {
              "lessThan": "5.3.41",
              "status": "affected",
              "version": "5.3.x",
              "versionType": "Enterprise Support Only"
            },
            {
              "lessThan": "6.0.25",
              "status": "affected",
              "version": "6.0.x",
              "versionType": "Enterprise Support Only"
            },
            {
              "lessThan": "6.1.14",
              "status": "affected",
              "version": "6.1.x",
              "versionType": "OSS"
            }
          ]
        }
      ],
      "datePublic": "2024-10-17T05:32:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThe fix for CVE-2022-22968 made \u003ccode\u003edisallowedFields\u003c/code\u003e\u0026nbsp;patterns in \u003ccode\u003eDataBinder\u003c/code\u003e\u0026nbsp;case insensitive. However, \u003ccode\u003eString.toLowerCase()\u003c/code\u003e\u0026nbsp;has some Locale dependent exceptions that could potentially result in fields not protected as expected.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e"
            }
          ],
          "value": "The fix for CVE-2022-22968 made disallowedFields\u00a0patterns in DataBinder\u00a0case insensitive. However, String.toLowerCase()\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-18T05:39:05.275Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://spring.io/security/cve-2024-38820"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2024-38820",
    "datePublished": "2024-10-18T05:39:05.275Z",
    "dateReserved": "2024-06-19T22:32:06.583Z",
    "dateUpdated": "2024-11-29T12:04:41.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-38820",
      "date": "2026-06-18",
      "epss": "0.00631",
      "percentile": "0.45442"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.3.0\", \"versionEndExcluding\": \"5.3.41\", \"matchCriteriaId\": \"CF21F5D2-C4C5-4F24-AC72-D035237FF88E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.0.0\", \"versionEndExcluding\": \"6.0.25\", \"matchCriteriaId\": \"39D2699C-C6AD-4D79-A35B-2D273FA1C97C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.1.0\", \"versionEndExcluding\": \"6.1.14\", \"matchCriteriaId\": \"34886C2E-A108-48D6-9536-D33EF3C90A0A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The fix for CVE-2022-22968 made disallowedFields\\u00a0patterns in DataBinder\\u00a0case insensitive. However, String.toLowerCase()\\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.\"}, {\"lang\": \"es\", \"value\": \"La correcci\\u00f3n de CVE-2022-22968 hizo que los patrones disallowedFields en DataBinder no distingan entre may\\u00fasculas y min\\u00fasculas. Sin embargo, String.toLowerCase() tiene algunas excepciones dependientes de la configuraci\\u00f3n regional que podr\\u00edan generar campos no protegidos como se esperaba.\"}]",
      "id": "CVE-2024-38820",
      "lastModified": "2024-11-29T12:15:07.007",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@vmware.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\", \"baseScore\": 3.1, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}]}",
      "published": "2024-10-18T06:15:03.333",
      "references": "[{\"url\": \"https://spring.io/security/cve-2024-38820\", \"source\": \"security@vmware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20241129-0003/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@vmware.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-178\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-38820\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2024-10-18T06:15:03.333\",\"lastModified\":\"2024-11-29T12:15:07.007\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The fix for CVE-2022-22968 made disallowedFields\u00a0patterns in DataBinder\u00a0case insensitive. However, String.toLowerCase()\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.\"},{\"lang\":\"es\",\"value\":\"La correcci\u00f3n de CVE-2022-22968 hizo que los patrones disallowedFields en DataBinder no distingan entre may\u00fasculas y min\u00fasculas. Sin embargo, String.toLowerCase() tiene algunas excepciones dependientes de la configuraci\u00f3n regional que podr\u00edan generar campos no protegidos como se esperaba.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":3.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-178\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.3.0\",\"versionEndExcluding\":\"5.3.41\",\"matchCriteriaId\":\"CF21F5D2-C4C5-4F24-AC72-D035237FF88E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.25\",\"matchCriteriaId\":\"39D2699C-C6AD-4D79-A35B-2D273FA1C97C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1.0\",\"versionEndExcluding\":\"6.1.14\",\"matchCriteriaId\":\"34886C2E-A108-48D6-9536-D33EF3C90A0A\"}]}]}],\"references\":[{\"url\":\"https://spring.io/security/cve-2024-38820\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20241129-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20241129-0003/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-11-29T12:04:41.387Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-38820\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-18T16:33:48.971617Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-178\", \"description\": \"CWE-178 Improper Handling of Case Sensitivity\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-18T16:33:52.621Z\"}}], \"cna\": {\"title\": \"CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"VMware\", \"product\": \"Spring\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.3.x\", \"lessThan\": \"5.3.41\", \"versionType\": \"Enterprise Support Only\"}, {\"status\": \"affected\", \"version\": \"6.0.x\", \"lessThan\": \"6.0.25\", \"versionType\": \"Enterprise Support Only\"}, {\"status\": \"affected\", \"version\": \"6.1.x\", \"lessThan\": \"6.1.14\", \"versionType\": \"OSS\"}], \"packageName\": \"Spring Framework\", \"defaultStatus\": \"affected\"}], \"datePublic\": \"2024-10-17T05:32:00.000Z\", \"references\": [{\"url\": \"https://spring.io/security/cve-2024-38820\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The fix for CVE-2022-22968 made disallowedFields\\u00a0patterns in DataBinder\\u00a0case insensitive. However, String.toLowerCase()\\u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThe fix for CVE-2022-22968 made \u003ccode\u003edisallowedFields\u003c/code\u003e\u0026nbsp;patterns in \u003ccode\u003eDataBinder\u003c/code\u003e\u0026nbsp;case insensitive. However, \u003ccode\u003eString.toLowerCase()\u003c/code\u003e\u0026nbsp;has some Locale dependent exceptions that could potentially result in fields not protected as expected.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2024-10-18T05:39:05.275Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-38820\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-29T12:04:41.387Z\", \"dateReserved\": \"2024-06-19T22:32:06.583Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2024-10-18T05:39:05.275Z\", \"assignerShortName\": \"vmware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

NCSC-2025-0025

Vulnerability from csaf_ncscnl - Published: 2025-01-22 13:33 - Updated: 2025-01-22 13:33

Summary

Kwetsbaarheden verholpen in Oracle Financial Services

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Oracle heeft meerdere kwetsbaarheden verholpen in Financial Services en componenten.

Interpretaties: De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om toegang te krijgen tot kritieke gegevens en de systeemintegriteit in gevaar te brengen. Specifieke kwetsbaarheden kunnen leiden tot compromittering van vertrouwelijkheid, integriteit en beschikbaarheid, met schadeclassificaties variërend van gemiddeld tot hoog. Sommige kwetsbaarheden kunnen op afstand worden uitgebuit zonder gebruikersinteractie, wat het risico op privilege-escalatie en denial-of-service vergroot.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-681: Incorrect Conversion between Numeric Types

CWE-20: Improper Input Validation

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-131: Incorrect Calculation of Buffer Size

CWE-178: Improper Handling of Case Sensitivity

CWE-284: Improper Access Control

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-611: Improper Restriction of XML External Entity Reference

CWE-670: Always-Incorrect Control Flow Implementation

CWE-192: Integer Coercion Error

CWE-676: Use of Potentially Dangerous Function

CWE-222: Truncation of Security-relevant Information

CWE-755: Improper Handling of Exceptional Conditions

CWE-704: Incorrect Type Conversion or Cast

CWE-680: Integer Overflow to Buffer Overflow

CWE-426: Untrusted Search Path

CWE-354: Improper Validation of Integrity Check Value

CWE-190: Integer Overflow or Wraparound

CWE-532: Insertion of Sensitive Information into Log File

CWE-639: Authorization Bypass Through User-Controlled Key

CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

CWE-400: Uncontrolled Resource Consumption

CWE-502: Deserialization of Untrusted Data

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-121: Stack-based Buffer Overflow

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-34169

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-192 - Integer Coercion Error

Affected products

Known affected 155 products

CVE-2023-26031

CWE-426 - Untrusted Search Path

Affected products

Known affected 34 products

CVE-2023-33201

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 74 products

CVE-2023-39410

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 40 products

CVE-2023-44483

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-532 - Insertion of Sensitive Information into Log File

Affected products

Known affected 69 products

CVE-2023-48795

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-222 - Truncation of Security-relevant Information

Affected products

Known affected 69 products

CVE-2023-51074

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 45 products

CVE-2023-52070

8.4 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	—

CVE-2024-28219

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	—
banking_liquidity_management oracle	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	—

CVE-2024-34064

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 36 products

CVE-2024-34750

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-755 - Improper Handling of Exceptional Conditions

Affected products

Known affected 3 products

Product	Identifier	Version
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	—

CVE-2024-35195

5.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

CWE-670 - Always-Incorrect Control Flow Implementation

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
banking_liquidity_management oracle	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	—

CVE-2024-38819

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 9 products

Product	Identifier	Version
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	—
financial_services_trade-based_anti_money_laundering oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	—

CVE-2024-38820

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 9 products

Product	Identifier	Version
financial_services_trade-based_anti_money_laundering oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	—

CVE-2024-38827

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	—

CVE-2024-38998

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 13 products

Product	Identifier	Version
financial_services_trade-based_anti_money_laundering oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	—
financial_services_regulatory_reporting oracle	`cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.8:::::::*`	—
financial_services_regulatory_reporting oracle	`cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.7:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	—

CVE-2024-38999

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 13 products

Product	Identifier	Version
financial_services_trade-based_anti_money_laundering oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	—
financial_services_regulatory_reporting oracle	`cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.8:::::::*`	—
financial_services_regulatory_reporting oracle	`cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.7:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	—

CVE-2024-45490

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 4 products

Product	Identifier	Version
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	—
financial_services_trade-based_anti_money_laundering oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	—

CVE-2024-45491

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 4 products

Product	Identifier	Version
financial_services_trade-based_anti_money_laundering oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	—

CVE-2024-45492

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Known affected 4 products

Product	Identifier	Version
financial_services_trade-based_anti_money_laundering oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	—

CVE-2025-21550

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected products

Known affected 3 products

Product	Identifier	Version
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	—

References

22 references

URL	Category
https://www.oracle.com/security-alerts/cpujan2025.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft meerdere kwetsbaarheden verholpen in Financial Services en componenten.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om toegang te krijgen tot kritieke gegevens en de systeemintegriteit in gevaar te brengen. Specifieke kwetsbaarheden kunnen leiden tot compromittering van vertrouwelijkheid, integriteit en beschikbaarheid, met schadeclassificaties vari\u00ebrend van gemiddeld tot hoog. Sommige kwetsbaarheden kunnen op afstand worden uitgebuit zonder gebruikersinteractie, wat het risico op privilege-escalatie en denial-of-service vergroot.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Incorrect Conversion between Numeric Types",
        "title": "CWE-681"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Incorrect Calculation of Buffer Size",
        "title": "CWE-131"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Always-Incorrect Control Flow Implementation",
        "title": "CWE-670"
      },
      {
        "category": "general",
        "text": "Integer Coercion Error",
        "title": "CWE-192"
      },
      {
        "category": "general",
        "text": "Use of Potentially Dangerous Function",
        "title": "CWE-676"
      },
      {
        "category": "general",
        "text": "Truncation of Security-relevant Information",
        "title": "CWE-222"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Incorrect Type Conversion or Cast",
        "title": "CWE-704"
      },
      {
        "category": "general",
        "text": "Integer Overflow to Buffer Overflow",
        "title": "CWE-680"
      },
      {
        "category": "general",
        "text": "Untrusted Search Path",
        "title": "CWE-426"
      },
      {
        "category": "general",
        "text": "Improper Validation of Integrity Check Value",
        "title": "CWE-354"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
        "title": "CWE-757"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujan2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Financial Services",
    "tracking": {
      "current_release_date": "2025-01-22T13:33:00.723963Z",
      "id": "NCSC-2025-0025",
      "initial_release_date": "2025-01-22T13:33:00.723963Z",
      "revision_history": [
        {
          "date": "2025-01-22T13:33:00.723963Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-342808",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-345045",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-1751072",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9711",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-345044",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-1751083",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9300",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-345043",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-9522",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-345042",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-8848",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-93309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189066",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-93305",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189064",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189063",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-1751078",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_infrastructure",
            "product": {
              "name": "financial_services_analytical_applications_infrastructure",
              "product_id": "CSAFPID-189065",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_reconciliation_framework",
            "product": {
              "name": "financial_services_analytical_applications_reconciliation_framework",
              "product_id": "CSAFPID-363146",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.0.7.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_analytical_applications_reconciliation_framework",
            "product": {
              "name": "financial_services_analytical_applications_reconciliation_framework",
              "product_id": "CSAFPID-363129",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.1.1.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_asset_liability_management",
            "product": {
              "name": "financial_services_asset_liability_management",
              "product_id": "CSAFPID-363142",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_balance_computation_engine",
            "product": {
              "name": "financial_services_balance_computation_engine",
              "product_id": "CSAFPID-363130",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_balance_computation_engine:8.1.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_balance_sheet_planning",
            "product": {
              "name": "financial_services_balance_sheet_planning",
              "product_id": "CSAFPID-363135",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8.1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503626",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_basic",
            "product": {
              "name": "financial_services_basel_regulatory_capital_basic",
              "product_id": "CSAFPID-1503627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
            "product": {
              "name": "financial_services_basel_regulatory_capital_internal_ratings_based_approach",
              "product_id": "CSAFPID-1503629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-765261",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93312",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-220456",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.7.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-189067",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93308",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-93306",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-220368",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-220449",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-345041",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-219770",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-816828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-1503630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_behavior_detection_platform",
            "product": {
              "name": "financial_services_behavior_detection_platform",
              "product_id": "CSAFPID-1751074",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_cash_flow_engine",
            "product": {
              "name": "financial_services_cash_flow_engine",
              "product_id": "CSAFPID-764273",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_cash_flow_engine:8.1.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-345047",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-816829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_compliance_studio",
            "product": {
              "name": "financial_services_compliance_studio",
              "product_id": "CSAFPID-1503632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-93648",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-93647",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-764857",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-391382",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-765262",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:_studio___8.0.8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_crime_and_compliance_management_studio",
            "product": {
              "name": "financial_services_crime_and_compliance_management_studio",
              "product_id": "CSAFPID-765263",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:_studio___8.0.8.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_currency_transaction_reporting",
            "product": {
              "name": "financial_services_currency_transaction_reporting",
              "product_id": "CSAFPID-493291",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.0.8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_currency_transaction_reporting",
            "product": {
              "name": "financial_services_currency_transaction_reporting",
              "product_id": "CSAFPID-493290",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_currency_transaction_reporting",
            "product": {
              "name": "financial_services_currency_transaction_reporting",
              "product_id": "CSAFPID-493289",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_currency_transaction_reporting",
            "product": {
              "name": "financial_services_currency_transaction_reporting",
              "product_id": "CSAFPID-493288",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_currency_transaction_reporting:8.1.2.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_governance_for_us_regulatory_reporting",
            "product": {
              "name": "financial_services_data_governance_for_us_regulatory_reporting",
              "product_id": "CSAFPID-363128",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_governance_for_us_regulatory_reporting",
            "product": {
              "name": "financial_services_data_governance_for_us_regulatory_reporting",
              "product_id": "CSAFPID-363127",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:8.1.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_integration_hub",
            "product": {
              "name": "financial_services_data_integration_hub",
              "product_id": "CSAFPID-363144",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_integration_hub",
            "product": {
              "name": "financial_services_data_integration_hub",
              "product_id": "CSAFPID-363131",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0.1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_data_integration_hub",
            "product": {
              "name": "financial_services_data_integration_hub",
              "product_id": "CSAFPID-363126",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.2.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
            "product": {
              "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
              "product_id": "CSAFPID-363143",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.7.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
            "product": {
              "name": "financial_services_deposit_insurance_calculations_for_liquidity_risk_management",
              "product_id": "CSAFPID-363133",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_deposit_insurance_calculations_for_liquidity_risk_management:8.0.8.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-567702",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220378",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220377",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220455",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220607",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220372",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-180191",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-180190",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-180189",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220369",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-220448",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-345040",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219773",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-219771",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-816830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_case_management",
            "product": {
              "name": "financial_services_enterprise_case_management",
              "product_id": "CSAFPID-1503636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_enterprise_financial_performance_analytics",
            "product": {
              "name": "financial_services_enterprise_financial_performance_analytics",
              "product_id": "CSAFPID-363141",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_funds_transfer_pricing",
            "product": {
              "name": "financial_services_funds_transfer_pricing",
              "product_id": "CSAFPID-363138",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_institutional_performance_analytics",
            "product": {
              "name": "financial_services_institutional_performance_analytics",
              "product_id": "CSAFPID-363136",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_lending_and_leasing",
            "product": {
              "name": "financial_services_lending_and_leasing",
              "product_id": "CSAFPID-816831",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_liquidity_risk_measurement_and_management",
            "product": {
              "name": "financial_services_liquidity_risk_measurement_and_management",
              "product_id": "CSAFPID-363145",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_liquidity_risk_measurement_and_management",
            "product": {
              "name": "financial_services_liquidity_risk_measurement_and_management",
              "product_id": "CSAFPID-363132",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_loan_loss_forecasting_and_provisioning",
            "product": {
              "name": "financial_services_loan_loss_forecasting_and_provisioning",
              "product_id": "CSAFPID-363140",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_loan_loss_forecasting_and_provisioning",
            "product": {
              "name": "financial_services_loan_loss_forecasting_and_provisioning",
              "product_id": "CSAFPID-363134",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-764923",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-396508",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-764924",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-396507",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611392",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-611391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503319",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1503318",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1751202",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_model_management_and_governance",
            "product": {
              "name": "financial_services_model_management_and_governance",
              "product_id": "CSAFPID-1751086",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_profitability_management",
            "product": {
              "name": "financial_services_profitability_management",
              "product_id": "CSAFPID-363139",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-570314",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.0.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-570313",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-570312",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-570311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-1751214",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting",
            "product": {
              "name": "financial_services_regulatory_reporting",
              "product_id": "CSAFPID-1751213",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting:8.1.2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_regulatory_reporting_with_agilereporter",
            "product": {
              "name": "financial_services_regulatory_reporting_with_agilereporter",
              "product_id": "CSAFPID-611433",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.1.1.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_retail_performance_analytics",
            "product": {
              "name": "financial_services_retail_performance_analytics",
              "product_id": "CSAFPID-363137",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7.8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765266",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344846",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219833",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816832",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219832",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1751215",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765264",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-765265",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816834",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-344845",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219831",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816836",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816837",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-400307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912591",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816838",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-219827",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-912592",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816839",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816841",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503637",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816842",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-1503638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816833",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_pricing_services___2.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_revenue_management_and_billing",
            "product": {
              "name": "financial_services_revenue_management_and_billing",
              "product_id": "CSAFPID-816840",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:_security___5.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering",
              "product_id": "CSAFPID-1751087",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering",
              "product_id": "CSAFPID-220375",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-764925",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-764796",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-764926",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
            "product": {
              "name": "financial_services_trade-based_anti_money_laundering_enterprise_edition",
              "product_id": "CSAFPID-220374",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-764262",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-180213",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-180207",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-912094",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-912093",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-912092",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-816824",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_liquidity_management",
            "product": {
              "name": "banking_liquidity_management",
              "product_id": "CSAFPID-1673499",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-764263",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-180208",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-1751207",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-912064",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-912063",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_origination",
            "product": {
              "name": "banking_origination",
              "product_id": "CSAFPID-912062",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-764259",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1751206",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1503614",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-180204",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1503615",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1503616",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "banking_corporate_lending_process_management",
            "product": {
              "name": "banking_corporate_lending_process_management",
              "product_id": "CSAFPID-1503617",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-34169",
      "cwe": {
        "id": "CWE-192",
        "name": "Integer Coercion Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Coercion Error",
          "title": "CWE-192"
        },
        {
          "category": "other",
          "text": "Incorrect Conversion between Numeric Types",
          "title": "CWE-681"
        },
        {
          "category": "other",
          "text": "Incorrect Type Conversion or Cast",
          "title": "CWE-704"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-219827",
          "CSAFPID-219828",
          "CSAFPID-219829",
          "CSAFPID-219830",
          "CSAFPID-344845",
          "CSAFPID-219831",
          "CSAFPID-219832",
          "CSAFPID-344846",
          "CSAFPID-219833",
          "CSAFPID-764259",
          "CSAFPID-345045",
          "CSAFPID-345044",
          "CSAFPID-345043",
          "CSAFPID-345042",
          "CSAFPID-93309",
          "CSAFPID-93305",
          "CSAFPID-189064",
          "CSAFPID-189063",
          "CSAFPID-363146",
          "CSAFPID-363129",
          "CSAFPID-363142",
          "CSAFPID-363130",
          "CSAFPID-363135",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-345041",
          "CSAFPID-219772",
          "CSAFPID-345047",
          "CSAFPID-391382",
          "CSAFPID-493291",
          "CSAFPID-493290",
          "CSAFPID-493289",
          "CSAFPID-493288",
          "CSAFPID-363128",
          "CSAFPID-363127",
          "CSAFPID-363144",
          "CSAFPID-363131",
          "CSAFPID-363126",
          "CSAFPID-363143",
          "CSAFPID-363133",
          "CSAFPID-219774",
          "CSAFPID-180190",
          "CSAFPID-345040",
          "CSAFPID-219773",
          "CSAFPID-363141",
          "CSAFPID-363138",
          "CSAFPID-363136",
          "CSAFPID-363145",
          "CSAFPID-363132",
          "CSAFPID-363140",
          "CSAFPID-363134",
          "CSAFPID-396508",
          "CSAFPID-396507",
          "CSAFPID-363139",
          "CSAFPID-570314",
          "CSAFPID-570313",
          "CSAFPID-570312",
          "CSAFPID-570311",
          "CSAFPID-611433",
          "CSAFPID-363137",
          "CSAFPID-764796",
          "CSAFPID-764857",
          "CSAFPID-342808",
          "CSAFPID-220456",
          "CSAFPID-93308",
          "CSAFPID-93306",
          "CSAFPID-220368",
          "CSAFPID-220449",
          "CSAFPID-220455",
          "CSAFPID-180191",
          "CSAFPID-180189",
          "CSAFPID-220369",
          "CSAFPID-220448",
          "CSAFPID-764923",
          "CSAFPID-764924",
          "CSAFPID-764925",
          "CSAFPID-764926",
          "CSAFPID-764262",
          "CSAFPID-816824",
          "CSAFPID-764263",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-180204",
          "CSAFPID-180213",
          "CSAFPID-180207",
          "CSAFPID-180208",
          "CSAFPID-93312",
          "CSAFPID-93311",
          "CSAFPID-765261",
          "CSAFPID-765262",
          "CSAFPID-93648",
          "CSAFPID-765263",
          "CSAFPID-93647",
          "CSAFPID-220378",
          "CSAFPID-220377",
          "CSAFPID-220607",
          "CSAFPID-220372",
          "CSAFPID-567702",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-765266",
          "CSAFPID-400307",
          "CSAFPID-8848",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-219770",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-219771",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-220374",
          "CSAFPID-912094",
          "CSAFPID-912093",
          "CSAFPID-912092",
          "CSAFPID-912064",
          "CSAFPID-912063",
          "CSAFPID-912062",
          "CSAFPID-912589",
          "CSAFPID-400311",
          "CSAFPID-912590",
          "CSAFPID-400309",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-34169",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-219827",
            "CSAFPID-219828",
            "CSAFPID-219829",
            "CSAFPID-219830",
            "CSAFPID-344845",
            "CSAFPID-219831",
            "CSAFPID-219832",
            "CSAFPID-344846",
            "CSAFPID-219833",
            "CSAFPID-764259",
            "CSAFPID-345045",
            "CSAFPID-345044",
            "CSAFPID-345043",
            "CSAFPID-345042",
            "CSAFPID-93309",
            "CSAFPID-93305",
            "CSAFPID-189064",
            "CSAFPID-189063",
            "CSAFPID-363146",
            "CSAFPID-363129",
            "CSAFPID-363142",
            "CSAFPID-363130",
            "CSAFPID-363135",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-345041",
            "CSAFPID-219772",
            "CSAFPID-345047",
            "CSAFPID-391382",
            "CSAFPID-493291",
            "CSAFPID-493290",
            "CSAFPID-493289",
            "CSAFPID-493288",
            "CSAFPID-363128",
            "CSAFPID-363127",
            "CSAFPID-363144",
            "CSAFPID-363131",
            "CSAFPID-363126",
            "CSAFPID-363143",
            "CSAFPID-363133",
            "CSAFPID-219774",
            "CSAFPID-180190",
            "CSAFPID-345040",
            "CSAFPID-219773",
            "CSAFPID-363141",
            "CSAFPID-363138",
            "CSAFPID-363136",
            "CSAFPID-363145",
            "CSAFPID-363132",
            "CSAFPID-363140",
            "CSAFPID-363134",
            "CSAFPID-396508",
            "CSAFPID-396507",
            "CSAFPID-363139",
            "CSAFPID-570314",
            "CSAFPID-570313",
            "CSAFPID-570312",
            "CSAFPID-570311",
            "CSAFPID-611433",
            "CSAFPID-363137",
            "CSAFPID-764796",
            "CSAFPID-764857",
            "CSAFPID-342808",
            "CSAFPID-220456",
            "CSAFPID-93308",
            "CSAFPID-93306",
            "CSAFPID-220368",
            "CSAFPID-220449",
            "CSAFPID-220455",
            "CSAFPID-180191",
            "CSAFPID-180189",
            "CSAFPID-220369",
            "CSAFPID-220448",
            "CSAFPID-764923",
            "CSAFPID-764924",
            "CSAFPID-764925",
            "CSAFPID-764926",
            "CSAFPID-764262",
            "CSAFPID-816824",
            "CSAFPID-764263",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-180204",
            "CSAFPID-180213",
            "CSAFPID-180207",
            "CSAFPID-180208",
            "CSAFPID-93312",
            "CSAFPID-93311",
            "CSAFPID-765261",
            "CSAFPID-765262",
            "CSAFPID-93648",
            "CSAFPID-765263",
            "CSAFPID-93647",
            "CSAFPID-220378",
            "CSAFPID-220377",
            "CSAFPID-220607",
            "CSAFPID-220372",
            "CSAFPID-567702",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-765266",
            "CSAFPID-400307",
            "CSAFPID-8848",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-219770",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-219771",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-220374",
            "CSAFPID-912094",
            "CSAFPID-912093",
            "CSAFPID-912092",
            "CSAFPID-912064",
            "CSAFPID-912063",
            "CSAFPID-912062",
            "CSAFPID-912589",
            "CSAFPID-400311",
            "CSAFPID-912590",
            "CSAFPID-400309",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638"
          ]
        }
      ],
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2023-26031",
      "cwe": {
        "id": "CWE-426",
        "name": "Untrusted Search Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "Untrusted Search Path",
          "title": "CWE-426"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-912094",
          "CSAFPID-912093",
          "CSAFPID-912092",
          "CSAFPID-912064",
          "CSAFPID-912063",
          "CSAFPID-912062",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-816829"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-26031",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
        }
      ],
      "title": "CVE-2023-26031"
    },
    {
      "cve": "CVE-2023-33201",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-611391",
          "CSAFPID-611392",
          "CSAFPID-764259",
          "CSAFPID-764262",
          "CSAFPID-764263",
          "CSAFPID-764273",
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-765266",
          "CSAFPID-816824",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912062",
          "CSAFPID-912063",
          "CSAFPID-912064",
          "CSAFPID-912092",
          "CSAFPID-912093",
          "CSAFPID-912094",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-1751202",
          "CSAFPID-1751086"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-33201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-611391",
            "CSAFPID-611392",
            "CSAFPID-764259",
            "CSAFPID-764262",
            "CSAFPID-764263",
            "CSAFPID-764273",
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-765266",
            "CSAFPID-816824",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912062",
            "CSAFPID-912063",
            "CSAFPID-912064",
            "CSAFPID-912092",
            "CSAFPID-912093",
            "CSAFPID-912094",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926",
            "CSAFPID-1751202",
            "CSAFPID-1751086"
          ]
        }
      ],
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-39410",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-764259",
          "CSAFPID-764262",
          "CSAFPID-764263",
          "CSAFPID-765266",
          "CSAFPID-816824",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-1751202",
          "CSAFPID-1751206",
          "CSAFPID-1751086",
          "CSAFPID-1751207",
          "CSAFPID-1503318"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-39410",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-764259",
            "CSAFPID-764262",
            "CSAFPID-764263",
            "CSAFPID-765266",
            "CSAFPID-816824",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-1751202",
            "CSAFPID-1751206",
            "CSAFPID-1751086",
            "CSAFPID-1751207",
            "CSAFPID-1503318"
          ]
        }
      ],
      "title": "CVE-2023-39410"
    },
    {
      "cve": "CVE-2023-44483",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insertion of Sensitive Information into Log File",
          "title": "CWE-532"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-764259",
          "CSAFPID-764262",
          "CSAFPID-764263",
          "CSAFPID-765266",
          "CSAFPID-816824",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912062",
          "CSAFPID-912063",
          "CSAFPID-912064",
          "CSAFPID-912092",
          "CSAFPID-912093",
          "CSAFPID-912094",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44483",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44483.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-764259",
            "CSAFPID-764262",
            "CSAFPID-764263",
            "CSAFPID-765266",
            "CSAFPID-816824",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912062",
            "CSAFPID-912063",
            "CSAFPID-912064",
            "CSAFPID-912092",
            "CSAFPID-912093",
            "CSAFPID-912094",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-44483"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Truncation of Security-relevant Information",
          "title": "CWE-222"
        },
        {
          "category": "other",
          "text": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
          "title": "CWE-757"
        },
        {
          "category": "other",
          "text": "Improper Validation of Integrity Check Value",
          "title": "CWE-354"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-8848",
          "CSAFPID-9300",
          "CSAFPID-9522",
          "CSAFPID-9711",
          "CSAFPID-93307",
          "CSAFPID-180190",
          "CSAFPID-189065",
          "CSAFPID-189066",
          "CSAFPID-189067",
          "CSAFPID-219770",
          "CSAFPID-219771",
          "CSAFPID-219774",
          "CSAFPID-220374",
          "CSAFPID-344845",
          "CSAFPID-344846",
          "CSAFPID-764259",
          "CSAFPID-764262",
          "CSAFPID-764263",
          "CSAFPID-765266",
          "CSAFPID-816824",
          "CSAFPID-816828",
          "CSAFPID-816829",
          "CSAFPID-816830",
          "CSAFPID-816831",
          "CSAFPID-816832",
          "CSAFPID-816833",
          "CSAFPID-816834",
          "CSAFPID-816835",
          "CSAFPID-816836",
          "CSAFPID-816837",
          "CSAFPID-816838",
          "CSAFPID-816839",
          "CSAFPID-816840",
          "CSAFPID-816841",
          "CSAFPID-816842",
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912062",
          "CSAFPID-912063",
          "CSAFPID-912064",
          "CSAFPID-912092",
          "CSAFPID-912093",
          "CSAFPID-912094",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-48795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-8848",
            "CSAFPID-9300",
            "CSAFPID-9522",
            "CSAFPID-9711",
            "CSAFPID-93307",
            "CSAFPID-180190",
            "CSAFPID-189065",
            "CSAFPID-189066",
            "CSAFPID-189067",
            "CSAFPID-219770",
            "CSAFPID-219771",
            "CSAFPID-219774",
            "CSAFPID-220374",
            "CSAFPID-344845",
            "CSAFPID-344846",
            "CSAFPID-764259",
            "CSAFPID-764262",
            "CSAFPID-764263",
            "CSAFPID-765266",
            "CSAFPID-816824",
            "CSAFPID-816828",
            "CSAFPID-816829",
            "CSAFPID-816830",
            "CSAFPID-816831",
            "CSAFPID-816832",
            "CSAFPID-816833",
            "CSAFPID-816834",
            "CSAFPID-816835",
            "CSAFPID-816836",
            "CSAFPID-816837",
            "CSAFPID-816838",
            "CSAFPID-816839",
            "CSAFPID-816840",
            "CSAFPID-816841",
            "CSAFPID-816842",
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912062",
            "CSAFPID-912063",
            "CSAFPID-912064",
            "CSAFPID-912092",
            "CSAFPID-912093",
            "CSAFPID-912094",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51074",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-400309",
          "CSAFPID-400311",
          "CSAFPID-765264",
          "CSAFPID-765265",
          "CSAFPID-912062",
          "CSAFPID-912063",
          "CSAFPID-912064",
          "CSAFPID-912092",
          "CSAFPID-912093",
          "CSAFPID-912094",
          "CSAFPID-912589",
          "CSAFPID-912590",
          "CSAFPID-912591",
          "CSAFPID-912592",
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-1751213",
          "CSAFPID-220375",
          "CSAFPID-1751214",
          "CSAFPID-1751074"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51074",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51074.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-400309",
            "CSAFPID-400311",
            "CSAFPID-765264",
            "CSAFPID-765265",
            "CSAFPID-912062",
            "CSAFPID-912063",
            "CSAFPID-912064",
            "CSAFPID-912092",
            "CSAFPID-912093",
            "CSAFPID-912094",
            "CSAFPID-912589",
            "CSAFPID-912590",
            "CSAFPID-912591",
            "CSAFPID-912592",
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926",
            "CSAFPID-1751213",
            "CSAFPID-220375",
            "CSAFPID-1751214",
            "CSAFPID-1751074"
          ]
        }
      ],
      "title": "CVE-2023-51074"
    },
    {
      "cve": "CVE-2023-52070",
      "product_status": {
        "known_affected": [
          "CSAFPID-1751215"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52070",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52070.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751215"
          ]
        }
      ],
      "title": "CVE-2023-52070"
    },
    {
      "cve": "CVE-2024-28219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "other",
          "text": "Use of Potentially Dangerous Function",
          "title": "CWE-676"
        },
        {
          "category": "other",
          "text": "Integer Overflow to Buffer Overflow",
          "title": "CWE-680"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503631",
          "CSAFPID-1673499"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28219",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1503631",
            "CSAFPID-1673499"
          ]
        }
      ],
      "title": "CVE-2024-28219"
    },
    {
      "cve": "CVE-2024-34064",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503614",
          "CSAFPID-1503615",
          "CSAFPID-1503616",
          "CSAFPID-1503617",
          "CSAFPID-912094",
          "CSAFPID-912093",
          "CSAFPID-912092",
          "CSAFPID-912064",
          "CSAFPID-912063",
          "CSAFPID-912062",
          "CSAFPID-9711",
          "CSAFPID-9300",
          "CSAFPID-189066",
          "CSAFPID-189065",
          "CSAFPID-1503626",
          "CSAFPID-1503627",
          "CSAFPID-1503628",
          "CSAFPID-1503629",
          "CSAFPID-189067",
          "CSAFPID-93307",
          "CSAFPID-816828",
          "CSAFPID-1503630",
          "CSAFPID-1503631",
          "CSAFPID-1503632",
          "CSAFPID-1503633",
          "CSAFPID-1503634",
          "CSAFPID-1503635",
          "CSAFPID-1503636",
          "CSAFPID-1503319",
          "CSAFPID-1503318",
          "CSAFPID-1503637",
          "CSAFPID-1503638",
          "CSAFPID-764926",
          "CSAFPID-1673499",
          "CSAFPID-1751206",
          "CSAFPID-1751207"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34064",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1503614",
            "CSAFPID-1503615",
            "CSAFPID-1503616",
            "CSAFPID-1503617",
            "CSAFPID-912094",
            "CSAFPID-912093",
            "CSAFPID-912092",
            "CSAFPID-912064",
            "CSAFPID-912063",
            "CSAFPID-912062",
            "CSAFPID-9711",
            "CSAFPID-9300",
            "CSAFPID-189066",
            "CSAFPID-189065",
            "CSAFPID-1503626",
            "CSAFPID-1503627",
            "CSAFPID-1503628",
            "CSAFPID-1503629",
            "CSAFPID-189067",
            "CSAFPID-93307",
            "CSAFPID-816828",
            "CSAFPID-1503630",
            "CSAFPID-1503631",
            "CSAFPID-1503632",
            "CSAFPID-1503633",
            "CSAFPID-1503634",
            "CSAFPID-1503635",
            "CSAFPID-1503636",
            "CSAFPID-1503319",
            "CSAFPID-1503318",
            "CSAFPID-1503637",
            "CSAFPID-1503638",
            "CSAFPID-764926",
            "CSAFPID-1673499",
            "CSAFPID-1751206",
            "CSAFPID-1751207"
          ]
        }
      ],
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-34750",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751202",
          "CSAFPID-1751086",
          "CSAFPID-1503318"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34750",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751202",
            "CSAFPID-1751086",
            "CSAFPID-1503318"
          ]
        }
      ],
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-35195",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Always-Incorrect Control Flow Implementation",
          "title": "CWE-670"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673499",
          "CSAFPID-1503631"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-35195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673499",
            "CSAFPID-1503631"
          ]
        }
      ],
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1751072",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-1751078",
          "CSAFPID-189067",
          "CSAFPID-1751083",
          "CSAFPID-1751086",
          "CSAFPID-1503631",
          "CSAFPID-220375"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751072",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-1751078",
            "CSAFPID-189067",
            "CSAFPID-1751083",
            "CSAFPID-1751086",
            "CSAFPID-1503631",
            "CSAFPID-220375"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1751083",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-1751078",
          "CSAFPID-1503631",
          "CSAFPID-189067",
          "CSAFPID-1751086",
          "CSAFPID-1751072"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1751083",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-1751078",
            "CSAFPID-1503631",
            "CSAFPID-189067",
            "CSAFPID-1751086",
            "CSAFPID-1751072"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38827",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503631"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38827",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1503631"
          ]
        }
      ],
      "title": "CVE-2024-38827"
    },
    {
      "cve": "CVE-2024-38998",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1751083",
          "CSAFPID-189067",
          "CSAFPID-1503318",
          "CSAFPID-1751202",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-1751078",
          "CSAFPID-1751213",
          "CSAFPID-1751214",
          "CSAFPID-219774",
          "CSAFPID-1751086",
          "CSAFPID-1751072"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1751083",
            "CSAFPID-189067",
            "CSAFPID-1503318",
            "CSAFPID-1751202",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-1751078",
            "CSAFPID-1751213",
            "CSAFPID-1751214",
            "CSAFPID-219774",
            "CSAFPID-1751086",
            "CSAFPID-1751072"
          ]
        }
      ],
      "title": "CVE-2024-38998"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1751083",
          "CSAFPID-189067",
          "CSAFPID-1503318",
          "CSAFPID-1751202",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-1751078",
          "CSAFPID-1751213",
          "CSAFPID-1751214",
          "CSAFPID-219774",
          "CSAFPID-1751086",
          "CSAFPID-1751072"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1751083",
            "CSAFPID-189067",
            "CSAFPID-1503318",
            "CSAFPID-1751202",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-1751078",
            "CSAFPID-1751213",
            "CSAFPID-1751214",
            "CSAFPID-219774",
            "CSAFPID-1751086",
            "CSAFPID-1751072"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-45490",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "other",
          "text": "Incorrect Calculation of Buffer Size",
          "title": "CWE-131"
        },
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-189067",
          "CSAFPID-1503630",
          "CSAFPID-1751074",
          "CSAFPID-220375"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45490",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-189067",
            "CSAFPID-1503630",
            "CSAFPID-1751074",
            "CSAFPID-220375"
          ]
        }
      ],
      "title": "CVE-2024-45490"
    },
    {
      "cve": "CVE-2024-45491",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1503630",
          "CSAFPID-189067",
          "CSAFPID-1751074"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45491",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1503630",
            "CSAFPID-189067",
            "CSAFPID-1751074"
          ]
        }
      ],
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-45492",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220375",
          "CSAFPID-1503630",
          "CSAFPID-189067",
          "CSAFPID-1751074"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220375",
            "CSAFPID-1503630",
            "CSAFPID-189067",
            "CSAFPID-1751074"
          ]
        }
      ],
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2025-21550",
      "product_status": {
        "known_affected": [
          "CSAFPID-189067",
          "CSAFPID-1503630",
          "CSAFPID-1751074"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21550",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21550.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-189067",
            "CSAFPID-1503630",
            "CSAFPID-1751074"
          ]
        }
      ],
      "title": "CVE-2025-21550"
    }
  ]
}

NCSC-2025-0028

Vulnerability from csaf_ncscnl - Published: 2025-01-22 13:36 - Updated: 2025-01-22 13:36

Summary

Kwetsbaarheden verholpen in Oracle Analytics

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.

Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-416: Use After Free

CWE-476: NULL Pointer Dereference

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-502: Deserialization of Untrusted Data

CWE-248: Uncaught Exception

CWE-674: Uncontrolled Recursion

CWE-611: Improper Restriction of XML External Entity Reference

CWE-787: Out-of-bounds Write

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-789: Memory Allocation with Excessive Size Value

CWE-20: Improper Input Validation

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-1395: Dependency on Vulnerable Third-Party Component

CWE-670: Always-Incorrect Control Flow Implementation

CWE-399: CWE-399

CWE-326: Inadequate Encryption Strength

CWE-669: Incorrect Resource Transfer Between Spheres

CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

CWE-834: Excessive Iteration

CWE-311: Missing Encryption of Sensitive Data

CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-125: Out-of-bounds Read

CWE-404: Improper Resource Shutdown or Release

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-1333: Inefficient Regular Expression Complexity

CVE-2016-10000

CVE-2020-2849

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2020-7760

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 24 products

CVE-2020-13956

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 30 products

CVE-2020-28975

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2021-23926

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Affected products

Known affected 23 products

CVE-2021-33813

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Known affected 26 products

CVE-2022-40150

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 19 products

CVE-2023-2976

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-552 - Files or Directories Accessible to External Parties

Affected products

Known affected 13 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-4785

CWE-248 - Uncaught Exception

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-7272

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-24998

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 20 products

CVE-2023-25399

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-401 - Missing Release of Memory after Effective Lifetime

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-29824

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-32732

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-440 - Expected Behavior Violation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-33202

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 10 products

Product	Identifier	Version
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:prior_to_7.8.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-33953

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-834 - Excessive Iteration

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-43804

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-44487

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 13 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-45803

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2023-50782

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-208 - Observable Timing Discrepancy

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-0727

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 11 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—

CVE-2024-1135

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-4741

CWE-416 - Use After Free

Affected products

Known affected 9 products

Product	Identifier	Version
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—

CVE-2024-5535

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 3 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-7254

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 3 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-22195

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-26130

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-476 - NULL Pointer Dereference

Affected products

Known affected 9 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-29025

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Known affected 8 products

Product	Identifier	Version
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—

CVE-2024-29131

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 8 products

Product	Identifier	Version
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—

CVE-2024-34064

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 7 products

Product	Identifier	Version
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop::::::::`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:::::::*`	—
business_intelligence_enterprise_edition oracle	`cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-35195

5.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

CWE-670 - Always-Incorrect Control Flow Implementation

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-36114

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-37891

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-669 - Incorrect Resource Transfer Between Spheres

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2024-38809

8.0 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-1333 - Inefficient Regular Expression Complexity

Affected products

Known affected 5 products

Product	Identifier	Version
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	—

CVE-2024-38820

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—

CVE-2024-43382

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-311 - Missing Encryption of Sensitive Data

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	—
bi_publisher oracle	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	—

CVE-2024-47561

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	—
business_intelligence oracle	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	—

CVE-2025-21532

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
analytics_desktop oracle	`cpe:2.3:a:oracle:analytics_desktop:prior_to_8.1.0:::::::*`	—

References

40 references

URL	Category
https://www.oracle.com/security-alerts/cpujan2025.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2016…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Uncaught Exception",
        "title": "CWE-248"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Memory Allocation with Excessive Size Value",
        "title": "CWE-789"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Dependency on Vulnerable Third-Party Component",
        "title": "CWE-1395"
      },
      {
        "category": "general",
        "text": "Always-Incorrect Control Flow Implementation",
        "title": "CWE-670"
      },
      {
        "category": "general",
        "text": "CWE-399",
        "title": "CWE-399"
      },
      {
        "category": "general",
        "text": "Inadequate Encryption Strength",
        "title": "CWE-326"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
        "title": "CWE-776"
      },
      {
        "category": "general",
        "text": "Excessive Iteration",
        "title": "CWE-834"
      },
      {
        "category": "general",
        "text": "Missing Encryption of Sensitive Data",
        "title": "CWE-311"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Inefficient Regular Expression Complexity",
        "title": "CWE-1333"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujan2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Analytics",
    "tracking": {
      "current_release_date": "2025-01-22T13:36:58.196605Z",
      "id": "NCSC-2025-0028",
      "initial_release_date": "2025-01-22T13:36:58.196605Z",
      "revision_history": [
        {
          "date": "2025-01-22T13:36:58.196605Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-1503296",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-220360",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:enterprise:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-135810",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-219994",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:enterprise:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-219817",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:6.4.0.0.0:enterprise:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-1503297",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-257324",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-1503298",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence",
            "product": {
              "name": "business_intelligence",
              "product_id": "CSAFPID-1650736",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765384",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764234",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765387",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764778",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764929",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764235",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764930",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764236",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-1503574",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-1503573",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765388",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764727",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764729",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765383",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765385",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765389",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764725",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764728",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764730",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-764726",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "business_intelligence_enterprise_edition",
            "product": {
              "name": "business_intelligence_enterprise_edition",
              "product_id": "CSAFPID-765386",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_storage_service_integration___12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-9197",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-9493",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-220546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-228391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-220545",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-220560",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bi_publisher",
            "product": {
              "name": "bi_publisher",
              "product_id": "CSAFPID-1673195",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-816763",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-816761",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-816762",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-1751172",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-1650735",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:prior_to_7.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "analytics_desktop",
            "product": {
              "name": "analytics_desktop",
              "product_id": "CSAFPID-1751157",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:analytics_desktop:prior_to_8.1.0:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-10000",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2016-10000",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2016/CVE-2016-10000.json"
        }
      ],
      "title": "CVE-2016-10000"
    },
    {
      "cve": "CVE-2020-2849",
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-2849",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-2849.json"
        }
      ],
      "title": "CVE-2020-2849"
    },
    {
      "cve": "CVE-2020-7760",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-765383",
          "CSAFPID-765384",
          "CSAFPID-765385",
          "CSAFPID-765386",
          "CSAFPID-765387",
          "CSAFPID-765388",
          "CSAFPID-765389",
          "CSAFPID-764778",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-7760",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-7760.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-765383",
            "CSAFPID-765384",
            "CSAFPID-765385",
            "CSAFPID-765386",
            "CSAFPID-765387",
            "CSAFPID-765388",
            "CSAFPID-765389",
            "CSAFPID-764778",
            "CSAFPID-816761",
            "CSAFPID-816762",
            "CSAFPID-816763",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2020-7760"
    },
    {
      "cve": "CVE-2020-13956",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-228391",
          "CSAFPID-764778",
          "CSAFPID-220546",
          "CSAFPID-9197",
          "CSAFPID-764929",
          "CSAFPID-764930",
          "CSAFPID-765383",
          "CSAFPID-765384",
          "CSAFPID-765385",
          "CSAFPID-765386",
          "CSAFPID-765387",
          "CSAFPID-765388",
          "CSAFPID-765389",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-1503574",
          "CSAFPID-257324",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-13956",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13956.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-228391",
            "CSAFPID-764778",
            "CSAFPID-220546",
            "CSAFPID-9197",
            "CSAFPID-764929",
            "CSAFPID-764930",
            "CSAFPID-765383",
            "CSAFPID-765384",
            "CSAFPID-765385",
            "CSAFPID-765386",
            "CSAFPID-765387",
            "CSAFPID-765388",
            "CSAFPID-765389",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-1503574",
            "CSAFPID-257324",
            "CSAFPID-135810"
          ]
        }
      ],
      "title": "CVE-2020-13956"
    },
    {
      "cve": "CVE-2020-28975",
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-28975",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-28975.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2020-28975"
    },
    {
      "cve": "CVE-2021-23926",
      "cwe": {
        "id": "CWE-776",
        "name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
          "title": "CWE-776"
        },
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764234",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764235",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-764236",
          "CSAFPID-9493",
          "CSAFPID-764778",
          "CSAFPID-228391",
          "CSAFPID-135810",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-220546",
          "CSAFPID-9197",
          "CSAFPID-764929",
          "CSAFPID-764930"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-23926",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-23926.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764234",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764235",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-764236",
            "CSAFPID-9493",
            "CSAFPID-764778",
            "CSAFPID-228391",
            "CSAFPID-135810",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-220546",
            "CSAFPID-9197",
            "CSAFPID-764929",
            "CSAFPID-764930"
          ]
        }
      ],
      "title": "CVE-2021-23926"
    },
    {
      "cve": "CVE-2021-33813",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764234",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764235",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-764236",
          "CSAFPID-9197",
          "CSAFPID-9493",
          "CSAFPID-228391",
          "CSAFPID-764778",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-765383",
          "CSAFPID-765384",
          "CSAFPID-765385",
          "CSAFPID-765386",
          "CSAFPID-765387",
          "CSAFPID-765388",
          "CSAFPID-765389",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-33813",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33813.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764234",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764235",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-764236",
            "CSAFPID-9197",
            "CSAFPID-9493",
            "CSAFPID-228391",
            "CSAFPID-764778",
            "CSAFPID-816761",
            "CSAFPID-816762",
            "CSAFPID-816763",
            "CSAFPID-765383",
            "CSAFPID-765384",
            "CSAFPID-765385",
            "CSAFPID-765386",
            "CSAFPID-765387",
            "CSAFPID-765388",
            "CSAFPID-765389",
            "CSAFPID-135810"
          ]
        }
      ],
      "title": "CVE-2021-33813"
    },
    {
      "cve": "CVE-2022-40150",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764234",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764235",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-764236",
          "CSAFPID-9493",
          "CSAFPID-764778",
          "CSAFPID-228391",
          "CSAFPID-135810",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-40150",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40150.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764725",
            "CSAFPID-764726",
            "CSAFPID-764234",
            "CSAFPID-764727",
            "CSAFPID-764728",
            "CSAFPID-764235",
            "CSAFPID-764729",
            "CSAFPID-764730",
            "CSAFPID-764236",
            "CSAFPID-9493",
            "CSAFPID-764778",
            "CSAFPID-228391",
            "CSAFPID-135810",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574"
          ]
        }
      ],
      "title": "CVE-2022-40150"
    },
    {
      "cve": "CVE-2023-2976",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "notes": [
        {
          "category": "other",
          "text": "Files or Directories Accessible to External Parties",
          "title": "CWE-552"
        },
        {
          "category": "other",
          "text": "Creation of Temporary File in Directory with Insecure Permissions",
          "title": "CWE-379"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-2976",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-816761",
            "CSAFPID-816762",
            "CSAFPID-816763",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-2976"
    },
    {
      "cve": "CVE-2023-4785",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncaught Exception",
          "title": "CWE-248"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4785",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4785.json"
        }
      ],
      "title": "CVE-2023-4785"
    },
    {
      "cve": "CVE-2023-7272",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-7272",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7272.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-7272"
    },
    {
      "cve": "CVE-2023-24998",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "CWE-399",
          "title": "CWE-399"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-764778",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-764725",
          "CSAFPID-764726",
          "CSAFPID-764727",
          "CSAFPID-764728",
          "CSAFPID-764729",
          "CSAFPID-764730",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-24998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
        }
      ],
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-25399",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Memory after Effective Lifetime",
          "title": "CWE-401"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-25399",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-25399.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-25399"
    },
    {
      "cve": "CVE-2023-29824",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-29824",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29824.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-29824"
    },
    {
      "cve": "CVE-2023-32732",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Expected Behavior Violation",
          "title": "CWE-440"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-32732",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32732.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-32732"
    },
    {
      "cve": "CVE-2023-33202",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650735",
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-33202",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33202.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650735",
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-33202"
    },
    {
      "cve": "CVE-2023-33953",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "other",
          "text": "Excessive Iteration",
          "title": "CWE-834"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "Memory Allocation with Excessive Size Value",
          "title": "CWE-789"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-33953",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33953.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-33953"
    },
    {
      "cve": "CVE-2023-43804",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-43804",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43804.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-43804"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220545",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764235",
          "CSAFPID-764236",
          "CSAFPID-816761",
          "CSAFPID-816762",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44487",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220545",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764235",
            "CSAFPID-764236",
            "CSAFPID-816761",
            "CSAFPID-816762",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45803",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-45803",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45803.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-45803"
    },
    {
      "cve": "CVE-2023-50782",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "notes": [
        {
          "category": "other",
          "text": "Observable Timing Discrepancy",
          "title": "CWE-208"
        },
        {
          "category": "other",
          "text": "Observable Discrepancy",
          "title": "CWE-203"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-50782",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50782.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2023-50782"
    },
    {
      "cve": "CVE-2024-0727",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-135810",
          "CSAFPID-1650736",
          "CSAFPID-257324",
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0727",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-135810",
            "CSAFPID-1650736",
            "CSAFPID-257324",
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574"
          ]
        }
      ],
      "title": "CVE-2024-0727"
    },
    {
      "cve": "CVE-2024-1135",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-1135",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1135.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-1135"
    },
    {
      "cve": "CVE-2024-4741",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503574",
          "CSAFPID-1650736",
          "CSAFPID-257324",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4741",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json"
        }
      ],
      "title": "CVE-2024-4741"
    },
    {
      "cve": "CVE-2024-5535",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Dependency on Vulnerable Third-Party Component",
          "title": "CWE-1395"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-135810",
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5535",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-135810",
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-5535"
    },
    {
      "cve": "CVE-2024-7254",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7254",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-7254"
    },
    {
      "cve": "CVE-2024-22195",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-22195"
    },
    {
      "cve": "CVE-2024-26130",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-9493",
          "CSAFPID-220560",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26130",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-9493",
            "CSAFPID-220560",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503574",
          "CSAFPID-220560",
          "CSAFPID-1673195"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-1503574",
            "CSAFPID-220560",
            "CSAFPID-1673195"
          ]
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29131",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324",
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503574",
          "CSAFPID-1650736"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29131",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324",
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-1503574",
            "CSAFPID-1650736"
          ]
        }
      ],
      "title": "CVE-2024-29131"
    },
    {
      "cve": "CVE-2024-34064",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816763",
          "CSAFPID-1503573",
          "CSAFPID-765385",
          "CSAFPID-764234",
          "CSAFPID-764236",
          "CSAFPID-1503574",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34064",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816763",
            "CSAFPID-1503573",
            "CSAFPID-765385",
            "CSAFPID-764234",
            "CSAFPID-764236",
            "CSAFPID-1503574",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-35195",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Always-Incorrect Control Flow Implementation",
          "title": "CWE-670"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-35195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-36114",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36114",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-36114"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38809",
      "cwe": {
        "id": "CWE-1333",
        "name": "Inefficient Regular Expression Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Regular Expression Complexity",
          "title": "CWE-1333"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195",
          "CSAFPID-1650736",
          "CSAFPID-257324",
          "CSAFPID-135810"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38809",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195",
            "CSAFPID-1650736",
            "CSAFPID-257324",
            "CSAFPID-135810"
          ]
        }
      ],
      "title": "CVE-2024-38809"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-43382",
      "cwe": {
        "id": "CWE-311",
        "name": "Missing Encryption of Sensitive Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Encryption of Sensitive Data",
          "title": "CWE-311"
        },
        {
          "category": "other",
          "text": "Inadequate Encryption Strength",
          "title": "CWE-326"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220560",
          "CSAFPID-1673195"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43382",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43382.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220560",
            "CSAFPID-1673195"
          ]
        }
      ],
      "title": "CVE-2024-43382"
    },
    {
      "cve": "CVE-2024-47561",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650736",
          "CSAFPID-257324"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47561",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650736",
            "CSAFPID-257324"
          ]
        }
      ],
      "title": "CVE-2024-47561"
    },
    {
      "cve": "CVE-2025-21532",
      "product_status": {
        "known_affected": [
          "CSAFPID-1751157"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21532",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21532.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1751157"
          ]
        }
      ],
      "title": "CVE-2025-21532"
    }
  ]
}

NCSC-2025-0045

Vulnerability from csaf_ncscnl - Published: 2025-02-11 09:08 - Updated: 2025-02-11 09:08

Summary

Kwetsbaarheden verholpen in SAP producten

Notes

Feiten: SAP heeft kwetsbaarheden verholpen in onder andere SAP NetWeaver, BusinessObjects Business Intelligence platform, Enterprise Project Connection en Commerce.

Interpretaties: De kwetsbaarheden in SAP NetWeaver omvatten een gebrek aan toegangscontrole, wat ongeauthenticeerde aanvallers in staat stelt om toegang te krijgen tot gevoelige serverinstellingen en gegevens. Daarnaast zijn er Cross-Site Scripting kwetsbaarheden in SAP producten die de vertrouwelijkheid van gegevens ernstig kunnen aantasten. De kwetsbaarheden kunnen worden misbruikt door aanvallers om ongeautoriseerde toegang te verkrijgen tot gevoelige informatie, wat kan leiden tot datalekken en andere beveiligingsincidenten.

Oplossingen: SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-921: Storage of Sensitive Data in a Mechanism without Access Control

CWE-1021: Improper Restriction of Rendered UI Layers or Frames

CWE-1188: Initialization of a Resource with an Insecure Default

CWE-178: Improper Handling of Case Sensitivity

CWE-732: Incorrect Permission Assignment for Critical Resource

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax

CWE-204: Observable Response Discrepancy

CWE-404: Improper Resource Shutdown or Release

CWE-306: Missing Authentication for Critical Function

CWE-862: Missing Authorization

CWE-352: Cross-Site Request Forgery (CSRF)

CWE-284: Improper Access Control

CWE-863: Incorrect Authorization

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-287: Improper Authentication

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-24527

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-306 - Missing Authentication for Critical Function

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2024-22126

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2024-38819

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2024-38820

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2024-38828

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2024-45216

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-287 - Improper Authentication

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2024-45217

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-1188 - Initialization of a Resource with an Insecure Default

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-0054

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-0064

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CWE-732 - Incorrect Permission Assignment for Critical Resource

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-23187

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-23189

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-23190

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-862 - Missing Authorization

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-23191

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-23193

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-204 - Observable Response Discrepancy

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-24867

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-24868

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-24869

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-863 - Incorrect Authorization

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-24870

6.0 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CWE-921 - Storage of Sensitive Data in a Mechanism without Access Control

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-24872

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-863 - Incorrect Authorization

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-24874

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-24875

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-352 - Cross-Site Request Forgery (CSRF)

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-24876

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-25241

CWE-862 - Missing Authorization

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

CVE-2025-25243

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 10 products

Product	Identifier	Version
supplier_relationship_management sap	`cpe:2.3:a:sap:supplier_relationship_management:7.52:::::::*`	—
netweaver sap	`cpe:2.3:a:sap:netweaver:application_server_java:7.50::::::`	—
netweaver_server_abap sap	`cpe:2.3:a:sap:netweaver_server_abap:758:::::::*`	—
netweaver_java_application_server sap	`cpe:2.3:a:sap:netweaver_java_application_server:7.5:::::::*`	—
netweaver_as_java sap	`cpe:2.3:a:sap:netweaver_as_java:7.50:::::::*`	—
netweaver_application_server_java sap	`cpe:2.3:a:sap:netweaver_application_server_java::::::::`	—
netweaver_as_java_for_deploy_service sap	`cpe:2.3:a:sap:netweaver_as_java_for_deploy_service::::::::`	—
abap_platform sap	`cpe:2.3:a:sap:abap_platform:758:::::::*`	—
commerce_backoffice sap	`cpe:2.3:a:sap:commerce_backoffice::::::::`	—
commerce sap	`cpe:2.3:a:sap:commerce::::::::`	—

References

25 references

URL	Category
https://support.sap.com/en/my-support/knowledge-b…	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "SAP heeft kwetsbaarheden verholpen in onder andere SAP NetWeaver, BusinessObjects Business Intelligence platform, Enterprise Project Connection en Commerce.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden in SAP NetWeaver omvatten een gebrek aan toegangscontrole, wat ongeauthenticeerde aanvallers in staat stelt om toegang te krijgen tot gevoelige serverinstellingen en gegevens. Daarnaast zijn er Cross-Site Scripting kwetsbaarheden in SAP producten die de vertrouwelijkheid van gegevens ernstig kunnen aantasten. De kwetsbaarheden kunnen worden misbruikt door aanvallers om ongeautoriseerde toegang te verkrijgen tot gevoelige informatie, wat kan leiden tot datalekken en andere beveiligingsincidenten.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Storage of Sensitive Data in a Mechanism without Access Control",
        "title": "CWE-921"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Rendered UI Layers or Frames",
        "title": "CWE-1021"
      },
      {
        "category": "general",
        "text": "Initialization of a Resource with an Insecure Default",
        "title": "CWE-1188"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Incorrect Permission Assignment for Critical Resource",
        "title": "CWE-732"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of HTTP Headers for Scripting Syntax",
        "title": "CWE-644"
      },
      {
        "category": "general",
        "text": "Observable Response Discrepancy",
        "title": "CWE-204"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Missing Authentication for Critical Function",
        "title": "CWE-306"
      },
      {
        "category": "general",
        "text": "Missing Authorization",
        "title": "CWE-862"
      },
      {
        "category": "general",
        "text": "Cross-Site Request Forgery (CSRF)",
        "title": "CWE-352"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Incorrect Authorization",
        "title": "CWE-863"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Authentication",
        "title": "CWE-287"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/february-2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in SAP producten",
    "tracking": {
      "current_release_date": "2025-02-11T09:08:48.427126Z",
      "id": "NCSC-2025-0045",
      "initial_release_date": "2025-02-11T09:08:48.427126Z",
      "revision_history": [
        {
          "date": "2025-02-11T09:08:48.427126Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "supplier_relationship_management",
            "product": {
              "name": "supplier_relationship_management",
              "product_id": "CSAFPID-1760711",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:supplier_relationship_management:7.52:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "netweaver",
            "product": {
              "name": "netweaver",
              "product_id": "CSAFPID-16504",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:netweaver:application_server_java:7.50:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "netweaver_server_abap",
            "product": {
              "name": "netweaver_server_abap",
              "product_id": "CSAFPID-1760738",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:netweaver_server_abap:758:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "netweaver_java_application_server",
            "product": {
              "name": "netweaver_java_application_server",
              "product_id": "CSAFPID-406035",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:netweaver_java_application_server:7.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "netweaver_as_java",
            "product": {
              "name": "netweaver_as_java",
              "product_id": "CSAFPID-837776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:netweaver_as_java:7.50:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "netweaver_application_server_java",
            "product": {
              "name": "netweaver_application_server_java",
              "product_id": "CSAFPID-1760739",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "netweaver_as_java_for_deploy_service",
            "product": {
              "name": "netweaver_as_java_for_deploy_service",
              "product_id": "CSAFPID-1759878",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:netweaver_as_java_for_deploy_service:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "abap_platform",
            "product": {
              "name": "abap_platform",
              "product_id": "CSAFPID-340940",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:abap_platform:758:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "commerce_backoffice",
            "product": {
              "name": "commerce_backoffice",
              "product_id": "CSAFPID-1760724",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:commerce_backoffice:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "commerce",
            "product": {
              "name": "commerce",
              "product_id": "CSAFPID-234320",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:sap:commerce:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "sap"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-24527",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authentication for Critical Function",
          "title": "CWE-306"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-24527",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24527.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2023-24527"
    },
    {
      "cve": "CVE-2024-22126",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22126",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22126.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2024-22126"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38828",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38828",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38828.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2024-38828"
    },
    {
      "cve": "CVE-2024-45216",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authentication",
          "title": "CWE-287"
        },
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45216",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45216.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2024-45216"
    },
    {
      "cve": "CVE-2024-45217",
      "cwe": {
        "id": "CWE-1188",
        "name": "Initialization of a Resource with an Insecure Default"
      },
      "notes": [
        {
          "category": "other",
          "text": "Initialization of a Resource with an Insecure Default",
          "title": "CWE-1188"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45217",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45217.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2024-45217"
    },
    {
      "cve": "CVE-2025-0054",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-0054",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-0054.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-0054"
    },
    {
      "cve": "CVE-2025-0064",
      "cwe": {
        "id": "CWE-732",
        "name": "Incorrect Permission Assignment for Critical Resource"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Permission Assignment for Critical Resource",
          "title": "CWE-732"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-0064",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-0064.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-0064"
    },
    {
      "cve": "CVE-2025-23187",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-23187",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23187.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-23187"
    },
    {
      "cve": "CVE-2025-23189",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-23189",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23189.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-23189"
    },
    {
      "cve": "CVE-2025-23190",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-23190",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23190.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-23190"
    },
    {
      "cve": "CVE-2025-23191",
      "cwe": {
        "id": "CWE-644",
        "name": "Improper Neutralization of HTTP Headers for Scripting Syntax"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of HTTP Headers for Scripting Syntax",
          "title": "CWE-644"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-23191",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23191.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-23191"
    },
    {
      "cve": "CVE-2025-23193",
      "cwe": {
        "id": "CWE-204",
        "name": "Observable Response Discrepancy"
      },
      "notes": [
        {
          "category": "other",
          "text": "Observable Response Discrepancy",
          "title": "CWE-204"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-23193",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23193.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-23193"
    },
    {
      "cve": "CVE-2025-24867",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24867",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24867.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-24867"
    },
    {
      "cve": "CVE-2025-24868",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24868",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24868.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-24868"
    },
    {
      "cve": "CVE-2025-24869",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24869",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24869.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-24869"
    },
    {
      "cve": "CVE-2025-24870",
      "cwe": {
        "id": "CWE-921",
        "name": "Storage of Sensitive Data in a Mechanism without Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Storage of Sensitive Data in a Mechanism without Access Control",
          "title": "CWE-921"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24870",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24870.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-24870"
    },
    {
      "cve": "CVE-2025-24872",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Authorization",
          "title": "CWE-863"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24872",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24872.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-24872"
    },
    {
      "cve": "CVE-2025-24874",
      "cwe": {
        "id": "CWE-1021",
        "name": "Improper Restriction of Rendered UI Layers or Frames"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Rendered UI Layers or Frames",
          "title": "CWE-1021"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24874",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24874.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-24874"
    },
    {
      "cve": "CVE-2025-24875",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Cross-Site Request Forgery (CSRF)",
          "title": "CWE-352"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24875",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24875.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-24875"
    },
    {
      "cve": "CVE-2025-24876",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24876",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24876.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-24876"
    },
    {
      "cve": "CVE-2025-25241",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Authorization",
          "title": "CWE-862"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-25241",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25241.json"
        }
      ],
      "title": "CVE-2025-25241"
    },
    {
      "cve": "CVE-2025-25243",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1760711",
          "CSAFPID-16504",
          "CSAFPID-1760738",
          "CSAFPID-406035",
          "CSAFPID-837776",
          "CSAFPID-1760739",
          "CSAFPID-1759878",
          "CSAFPID-340940",
          "CSAFPID-1760724",
          "CSAFPID-234320"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-25243",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25243.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1760711",
            "CSAFPID-16504",
            "CSAFPID-1760738",
            "CSAFPID-406035",
            "CSAFPID-837776",
            "CSAFPID-1760739",
            "CSAFPID-1759878",
            "CSAFPID-340940",
            "CSAFPID-1760724",
            "CSAFPID-234320"
          ]
        }
      ],
      "title": "CVE-2025-25243"
    }
  ]
}

NCSC-2025-0123

Vulnerability from csaf_ncscnl - Published: 2025-04-16 08:37 - Updated: 2025-04-16 08:37

Summary

Kwetsbaarheden verholpen in Oracle Database Producten

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.

Interpretaties: De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores variërend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-385: Covert Timing Channel

CWE-347: Improper Verification of Cryptographic Signature

CWE-1286: Improper Validation of Syntactic Correctness of Input

CWE-125: Out-of-bounds Read

CWE-404: Improper Resource Shutdown or Release

CWE-400: Uncontrolled Resource Consumption

CWE-502: Deserialization of Untrusted Data

CWE-918: Server-Side Request Forgery (SSRF)

CWE-787: Out-of-bounds Write

CWE-20: Improper Input Validation

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-44: Path Equivalence: 'file.name' (Internal Dot)

CWE-226: Sensitive Information in Resource Not Removed Before Reuse

CWE-706: Use of Incorrectly-Resolved Name or Reference

CWE-669: Incorrect Resource Transfer Between Spheres

CWE-755: Improper Handling of Exceptional Conditions

CWE-178: Improper Handling of Case Sensitivity

CWE-193: Off-by-one Error

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-523: Unprotected Transport of Credentials

CWE-190: Integer Overflow or Wraparound

CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

CWE-285: Improper Authorization

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-284: Improper Access Control

CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-476: NULL Pointer Dereference

CWE-459: Incomplete Cleanup

CWE-94: Improper Control of Generation of Code ('Code Injection')

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-674: Uncontrolled Recursion

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-122: Heap-based Buffer Overflow

CWE-121: Stack-based Buffer Overflow

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-269: Improper Privilege Management

CWE-287: Improper Authentication

CVE-2020-1935

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-1938

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-285 - Improper Authorization

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-9484

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-11996

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-13935

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-13943

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2020-36843

4.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-24122

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-25122

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-25329

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-30640

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-287 - Improper Authentication

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-33037

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-41079

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-41184

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-42575

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2021-43980

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2022-3786

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-193 - Off-by-one Error

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2022-25762

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-226 - Sensitive Information in Resource Not Removed Before Reuse

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2022-42252

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-28708

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-34053

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-41080

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-42795

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-459 - Incomplete Cleanup

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-44487

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-45648

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2023-46589

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-6763

CWE-1286 - Improper Validation of Syntactic Correctness of Input

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-8176

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-8184

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-9143

CWE-787 - Out-of-bounds Write

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-11053

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-11233

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

CWE-122 - Heap-based Buffer Overflow

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-11234

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-11236

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-13176

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-385 - Covert Timing Channel

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-23672

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-459 - Incomplete Cleanup

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-24549

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-36114

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-37891

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-669 - Incorrect Resource Transfer Between Spheres

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-38819

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-38820

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-38999

10.0 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-39338

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-918 - Server-Side Request Forgery (SSRF)

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-47554

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-47561

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-53382

4.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2024-57699

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-21578

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-24813

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-24970

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-25193

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-26791

4.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30694

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30701

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30702

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30733

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

CVE-2025-30736

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

Known affected 59 products

Product	Identifier	Version
vers:unknown/22.1 Oracle / Oracle / Database Server		vers:unknown/22.1
vers:unknown/13.5.0.0 Oracle / Oracle / Enterprise Manager for Oracle Database		vers:unknown/13.5.0.0
vers:oracle/>=19.3\|<=19.22 Oracle / Oracle Database Server		vers:oracle/>=19.3\|<=19.22
vers:oracle/>=19.3\|<=19.26 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:::::::*`	vers:oracle/>=19.3\|<=19.26
vers:oracle/>=21.3\|<=21.13 Oracle / Oracle Database Server		vers:oracle/>=21.3\|<=21.13
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=21.4\|<=21.16 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:::::::*`	vers:oracle/>=21.4\|<=21.16
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle Database Server / Oracle Database Server	`cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/13.5.0.0 Oracle / Oracle Enterprise Manager for Oracle Database		vers:oracle/13.5.0.0
vers:oracle/1.5.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.5.0:::::::*`	vers:oracle/1.5.0
vers:oracle/1.6.0 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.0:::::::*`	vers:oracle/1.6.0
vers:oracle/1.6.1 Oracle / Oracle NoSQL Database / Oracle NoSQL Database	`cpe:2.3:a:oracle:nosql_database:1.6.1:::::::*`	vers:oracle/1.6.1
vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0 Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database	`cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:::::::*`	vers:oracle/>=22.1.1.1.0\|<=22.1.1.30.0
vers:semver/19.3\|<=19.26 Oracle Corporation / Oracle Database Server		vers:semver/19.3\|<=19.26
vers:semver/21.3\|<=21.17 Oracle Corporation / Oracle Database Server		vers:semver/21.3\|<=21.17
vers:semver/23.4\|<=23.7 Oracle Corporation / Oracle Database Server		vers:semver/23.4\|<=23.7
vers:oracle/25.1.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:::::::*`	vers:oracle/25.1.0
vers:oracle/25.2.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:::::::*`	vers:oracle/25.2.0
vers:oracle/>=23.8.0\|<=23.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:::::::*`	vers:oracle/>=23.8.0\|<=23.11.0
vers:oracle/>=24.1.0\|<=24.11.0 Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework	`cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:::::::*`	vers:oracle/>=24.1.0\|<=24.11.0
vers:oracle/21.7.1.0.0 Oracle / Oracle Essbase / Oracle Essbase	`cpe:2.3:a:oracle:essbase:21.7.1.0.0:::::::*`	vers:oracle/21.7.1.0.0
vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle / GoldenGate		vers:unknown/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:unknown/>=21.3\|<=21.17 Oracle / Oracle / GoldenGate		vers:unknown/>=21.3\|<=21.17
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10 Oracle / Oracle GoldenGate / GoldenGate Stream Analytics	`cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.10
vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.26.0.0.250219
vers:oracle/>=21.3\|<=21.17 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:21.3-21.17:::::::*`	vers:oracle/>=21.3\|<=21.17
vers:oracle/>=23.4\|<=23.7 Oracle / Oracle GoldenGate / Oracle GoldenGate	`cpe:2.3:a:oracle:goldengate:23.4-23.7:::::::*`	vers:oracle/>=23.4\|<=23.7
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:::::::*`	vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.18
vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:::::::*`	vers:oracle/>=21.3.0.0.0\|<=21.16.0.0.0
vers:oracle/>=23.4\|<=23.6 Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters	`cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:::::::*`	vers:oracle/>=23.4\|<=23.6
vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7 Oracle / Oracle GoldenGate Stream Analytics		vers:oracle/>=19.1.0.0.0\|<=19.1.0.0.7
vers:oracle/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:oracle/23.1
vers:oracle/<23.1 Oracle / Big Data Spatial and Graph		vers:oracle/<23.1
vers:unknown/2.0 Oracle / Big Data Spatial and Graph	`cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:::::::*`	vers:unknown/2.0
vers:unknown/2.0 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/2.0
vers:unknown/20.2 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/20.2
vers:unknown/23.1 Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/23.1 Oracle / Big Data Spatial and Graph		vers:unknown/23.1
vers:unknown/none Oracle / Oracle / Big Data Spatial and Graph		vers:unknown/none
vers:oracle/23.4.3 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.3:::::::*`	vers:oracle/23.4.3
vers:oracle/24.3.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.3.0:::::::*`	vers:oracle/24.3.0
vers:oracle/23.4.4 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.4:::::::*`	vers:oracle/23.4.4
vers:oracle/24.4.0 Oracle / Oracle Graph Server and Client / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.4.0:::::::*`	vers:oracle/24.4.0
vers:oracle/<=22.4.7 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:::::::*`	vers:oracle/<=22.4.7
vers:oracle/<=23.4.2 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:::::::*`	vers:oracle/<=23.4.2
vers:oracle/<=24.1.0 Oracle / Graph Server and Client	`cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:::::::*`	vers:oracle/<=24.1.0
vers:oracle/3.0.6 Oracle / Oracle Big Data Spatial and Graph	`cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:::::::*`	vers:oracle/3.0.6
vers:oracle/12.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.1:::::::*`	vers:oracle/12.1.0.1
vers:oracle/12.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.2:::::::*`	vers:oracle/12.1.0.2
vers:oracle/12.1.0.3 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:12.1.0.3:::::::*`	vers:oracle/12.1.0.3
vers:oracle/18.1.0.0 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.0:::::::*`	vers:oracle/18.1.0.0
vers:oracle/18.1.0.1 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.1:::::::*`	vers:oracle/18.1.0.1
vers:oracle/18.1.0.2 Oracle / Oracle Secure Backup / Oracle Secure Backup	`cpe:2.3:a:oracle:secure_backup:18.1.0.2:::::::*`	vers:oracle/18.1.0.2
vers:semver/12.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.1
vers:semver/12.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.2
vers:semver/12.1.0.3 Oracle Corporation / Oracle Secure Backup		vers:semver/12.1.0.3
vers:semver/18.1.0.0 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.0
vers:semver/18.1.0.1 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.1
vers:semver/18.1.0.2 Oracle Corporation / Oracle Secure Backup		vers:semver/18.1.0.2

References

58 references

URL	Category
https://www.oracle.com/security-alerts/cpuapr2025.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2020…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores vari\u00ebrend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Covert Timing Channel",
        "title": "CWE-385"
      },
      {
        "category": "general",
        "text": "Improper Verification of Cryptographic Signature",
        "title": "CWE-347"
      },
      {
        "category": "general",
        "text": "Improper Validation of Syntactic Correctness of Input",
        "title": "CWE-1286"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
        "title": "CWE-44"
      },
      {
        "category": "general",
        "text": "Sensitive Information in Resource Not Removed Before Reuse",
        "title": "CWE-226"
      },
      {
        "category": "general",
        "text": "Use of Incorrectly-Resolved Name or Reference",
        "title": "CWE-706"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Off-by-one Error",
        "title": "CWE-193"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Unprotected Transport of Credentials",
        "title": "CWE-523"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
        "title": "CWE-614"
      },
      {
        "category": "general",
        "text": "Improper Authorization",
        "title": "CWE-285"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Incomplete Cleanup",
        "title": "CWE-459"
      },
      {
        "category": "general",
        "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
        "title": "CWE-94"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
        "title": "CWE-74"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      },
      {
        "category": "general",
        "text": "Improper Authentication",
        "title": "CWE-287"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Database Producten",
    "tracking": {
      "current_release_date": "2025-04-16T08:37:39.412900Z",
      "generator": {
        "date": "2025-02-25T15:15:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.0"
        }
      },
      "id": "NCSC-2025-0123",
      "initial_release_date": "2025-04-16T08:37:39.412900Z",
      "revision_history": [
        {
          "date": "2025-04-16T08:37:39.412900Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/22.1",
                    "product": {
                      "name": "vers:unknown/22.1",
                      "product_id": "CSAFPID-1304603"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Database Server"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/13.5.0.0",
                    "product": {
                      "name": "vers:unknown/13.5.0.0",
                      "product_id": "CSAFPID-1201359"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Enterprise Manager for Oracle Database"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                    "product": {
                      "name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                      "product_id": "CSAFPID-2698376"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=21.3|\u003c=21.17",
                    "product": {
                      "name": "vers:unknown/\u003e=21.3|\u003c=21.17",
                      "product_id": "CSAFPID-2698377"
                    }
                  }
                ],
                "category": "product_name",
                "name": "GoldenGate"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.1",
                    "product": {
                      "name": "vers:oracle/23.1",
                      "product_id": "CSAFPID-1238473"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/2.0",
                    "product": {
                      "name": "vers:unknown/2.0",
                      "product_id": "CSAFPID-1237753"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/20.2",
                    "product": {
                      "name": "vers:unknown/20.2",
                      "product_id": "CSAFPID-1238475"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/23.1",
                    "product": {
                      "name": "vers:unknown/23.1",
                      "product_id": "CSAFPID-1296375"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/none",
                    "product": {
                      "name": "vers:unknown/none",
                      "product_id": "CSAFPID-1237603"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Big Data Spatial and Graph"
              }
            ],
            "category": "product_family",
            "name": "Oracle"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=19.3|\u003c=19.22",
                "product": {
                  "name": "vers:oracle/\u003e=19.3|\u003c=19.22",
                  "product_id": "CSAFPID-1145825"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=21.3|\u003c=21.13",
                "product": {
                  "name": "vers:oracle/\u003e=21.3|\u003c=21.13",
                  "product_id": "CSAFPID-1145826"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Database Server"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.3|\u003c=19.26",
                    "product": {
                      "name": "vers:oracle/\u003e=19.3|\u003c=19.26",
                      "product_id": "CSAFPID-2698969",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                    "product": {
                      "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                      "product_id": "CSAFPID-2698968",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.4|\u003c=21.16",
                    "product": {
                      "name": "vers:oracle/\u003e=21.4|\u003c=21.16",
                      "product_id": "CSAFPID-1839905",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                    "product": {
                      "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                      "product_id": "CSAFPID-2698934",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Database Server"
              }
            ],
            "category": "product_family",
            "name": "Oracle Database Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/13.5.0.0",
                "product": {
                  "name": "vers:oracle/13.5.0.0",
                  "product_id": "CSAFPID-1144644"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Enterprise Manager for Oracle Database"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/1.5.0",
                    "product": {
                      "name": "vers:oracle/1.5.0",
                      "product_id": "CSAFPID-2699002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/1.6.0",
                    "product": {
                      "name": "vers:oracle/1.6.0",
                      "product_id": "CSAFPID-2699003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/1.6.1",
                    "product": {
                      "name": "vers:oracle/1.6.1",
                      "product_id": "CSAFPID-2699004",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle NoSQL Database"
              }
            ],
            "category": "product_family",
            "name": "Oracle NoSQL Database"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
                    "product": {
                      "name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
                      "product_id": "CSAFPID-2699053",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle TimesTen In-Memory Database"
              }
            ],
            "category": "product_family",
            "name": "Oracle TimesTen In-Memory Database"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/25.1.0",
                    "product": {
                      "name": "vers:oracle/25.1.0",
                      "product_id": "CSAFPID-2698932",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/25.2.0",
                    "product": {
                      "name": "vers:oracle/25.2.0",
                      "product_id": "CSAFPID-2698931",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
                    "product": {
                      "name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
                      "product_id": "CSAFPID-2698930",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
                    "product": {
                      "name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
                      "product_id": "CSAFPID-2698933",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Autonomous Health Framework"
              }
            ],
            "category": "product_family",
            "name": "Oracle Autonomous Health Framework"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/21.7.1.0.0",
                    "product": {
                      "name": "vers:oracle/21.7.1.0.0",
                      "product_id": "CSAFPID-2698943",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Essbase"
              }
            ],
            "category": "product_family",
            "name": "Oracle Essbase"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
                    "product": {
                      "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
                      "product_id": "CSAFPID-2698949",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "GoldenGate Stream Analytics"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                    "product": {
                      "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                      "product_id": "CSAFPID-2698941",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                    "product": {
                      "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                      "product_id": "CSAFPID-2698942",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                    "product": {
                      "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                      "product_id": "CSAFPID-2699022",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle GoldenGate"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
                    "product": {
                      "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
                      "product_id": "CSAFPID-1839977",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
                    "product": {
                      "name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
                      "product_id": "CSAFPID-1840034",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.4|\u003c=23.6",
                    "product": {
                      "name": "vers:oracle/\u003e=23.4|\u003c=23.6",
                      "product_id": "CSAFPID-1840035",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle GoldenGate Big Data and Application Adapters"
              }
            ],
            "category": "product_family",
            "name": "Oracle GoldenGate"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
                "product": {
                  "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
                  "product_id": "CSAFPID-1144602"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle GoldenGate Stream Analytics"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c23.1",
                "product": {
                  "name": "vers:oracle/\u003c23.1",
                  "product_id": "CSAFPID-1145800"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:unknown/2.0",
                "product": {
                  "name": "vers:unknown/2.0",
                  "product_id": "CSAFPID-356315",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:unknown/23.1",
                "product": {
                  "name": "vers:unknown/23.1",
                  "product_id": "CSAFPID-356152"
                }
              }
            ],
            "category": "product_name",
            "name": "Big Data Spatial and Graph"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.4.3",
                    "product": {
                      "name": "vers:oracle/23.4.3",
                      "product_id": "CSAFPID-2699065",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-2699066",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.4.4",
                    "product": {
                      "name": "vers:oracle/23.4.4",
                      "product_id": "CSAFPID-1840017",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.4.0",
                    "product": {
                      "name": "vers:oracle/24.4.0",
                      "product_id": "CSAFPID-1840013",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Graph Server and Client"
              }
            ],
            "category": "product_family",
            "name": "Oracle Graph Server and Client"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c=22.4.7",
                "product": {
                  "name": "vers:oracle/\u003c=22.4.7",
                  "product_id": "CSAFPID-1145419",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c=23.4.2",
                "product": {
                  "name": "vers:oracle/\u003c=23.4.2",
                  "product_id": "CSAFPID-1145421",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c=24.1.0",
                "product": {
                  "name": "vers:oracle/\u003c=24.1.0",
                  "product_id": "CSAFPID-1145422",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Graph Server and Client"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/3.0.6",
                "product": {
                  "name": "vers:oracle/3.0.6",
                  "product_id": "CSAFPID-1145420",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Big Data Spatial and Graph"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.1.0.1",
                    "product": {
                      "name": "vers:oracle/12.1.0.1",
                      "product_id": "CSAFPID-2699109",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.1.0.2",
                    "product": {
                      "name": "vers:oracle/12.1.0.2",
                      "product_id": "CSAFPID-2699107",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.1.0.3",
                    "product": {
                      "name": "vers:oracle/12.1.0.3",
                      "product_id": "CSAFPID-2699106",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/18.1.0.0",
                    "product": {
                      "name": "vers:oracle/18.1.0.0",
                      "product_id": "CSAFPID-2699110",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/18.1.0.1",
                    "product": {
                      "name": "vers:oracle/18.1.0.1",
                      "product_id": "CSAFPID-2698972",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/18.1.0.2",
                    "product": {
                      "name": "vers:oracle/18.1.0.2",
                      "product_id": "CSAFPID-2699108",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Secure Backup"
              }
            ],
            "category": "product_family",
            "name": "Oracle Secure Backup"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:semver/19.3|\u003c=19.26",
                "product": {
                  "name": "vers:semver/19.3|\u003c=19.26",
                  "product_id": "CSAFPID-2698485"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/21.3|\u003c=21.17",
                "product": {
                  "name": "vers:semver/21.3|\u003c=21.17",
                  "product_id": "CSAFPID-2698486"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/23.4|\u003c=23.7",
                "product": {
                  "name": "vers:semver/23.4|\u003c=23.7",
                  "product_id": "CSAFPID-2698487"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Database Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:semver/12.1.0.1",
                "product": {
                  "name": "vers:semver/12.1.0.1",
                  "product_id": "CSAFPID-2698463"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/12.1.0.2",
                "product": {
                  "name": "vers:semver/12.1.0.2",
                  "product_id": "CSAFPID-2698464"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/12.1.0.3",
                "product": {
                  "name": "vers:semver/12.1.0.3",
                  "product_id": "CSAFPID-2698465"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/18.1.0.0",
                "product": {
                  "name": "vers:semver/18.1.0.0",
                  "product_id": "CSAFPID-2698466"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/18.1.0.1",
                "product": {
                  "name": "vers:semver/18.1.0.1",
                  "product_id": "CSAFPID-2698467"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/18.1.0.2",
                "product": {
                  "name": "vers:semver/18.1.0.2",
                  "product_id": "CSAFPID-2698468"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Secure Backup"
          }
        ],
        "category": "vendor",
        "name": "Oracle Corporation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-1935",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-1935",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1935.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-1935"
    },
    {
      "cve": "CVE-2020-1938",
      "cwe": {
        "id": "CWE-285",
        "name": "Improper Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authorization",
          "title": "CWE-285"
        },
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-1938",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1938.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-1938"
    },
    {
      "cve": "CVE-2020-9484",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-9484",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-9484.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-9484"
    },
    {
      "cve": "CVE-2020-11996",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-11996",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11996.json"
        }
      ],
      "title": "CVE-2020-11996"
    },
    {
      "cve": "CVE-2020-13935",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-13935",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13935.json"
        }
      ],
      "title": "CVE-2020-13935"
    },
    {
      "cve": "CVE-2020-13943",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-13943",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13943.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-13943"
    },
    {
      "cve": "CVE-2020-36843",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Verification of Cryptographic Signature",
          "title": "CWE-347"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-36843",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36843.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-36843"
    },
    {
      "cve": "CVE-2021-24122",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-24122",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-24122.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-24122"
    },
    {
      "cve": "CVE-2021-25122",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-25122",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25122.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-25122"
    },
    {
      "cve": "CVE-2021-25329",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-25329",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25329.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-25329"
    },
    {
      "cve": "CVE-2021-30640",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authentication",
          "title": "CWE-287"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-30640",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-30640.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-30640"
    },
    {
      "cve": "CVE-2021-33037",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-33037",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33037.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-33037"
    },
    {
      "cve": "CVE-2021-41079",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-41079",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41079.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-41079"
    },
    {
      "cve": "CVE-2021-41184",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-41184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41184.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-41184"
    },
    {
      "cve": "CVE-2021-42575",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-42575",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-42575.json"
        }
      ],
      "title": "CVE-2021-42575"
    },
    {
      "cve": "CVE-2021-43980",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-43980",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-43980.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-43980"
    },
    {
      "cve": "CVE-2022-3786",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Off-by-one Error",
          "title": "CWE-193"
        },
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-3786",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3786.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2022-3786"
    },
    {
      "cve": "CVE-2022-25762",
      "cwe": {
        "id": "CWE-226",
        "name": "Sensitive Information in Resource Not Removed Before Reuse"
      },
      "notes": [
        {
          "category": "other",
          "text": "Sensitive Information in Resource Not Removed Before Reuse",
          "title": "CWE-226"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-25762",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-25762.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2022-25762"
    },
    {
      "cve": "CVE-2022-42252",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-42252",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42252.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2022-42252"
    },
    {
      "cve": "CVE-2023-28708",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Unprotected Transport of Credentials",
          "title": "CWE-523"
        },
        {
          "category": "other",
          "text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
          "title": "CWE-614"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-28708",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28708.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-28708"
    },
    {
      "cve": "CVE-2023-34053",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-34053",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34053.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-34053"
    },
    {
      "cve": "CVE-2023-41080",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-41080",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41080.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-41080"
    },
    {
      "cve": "CVE-2023-42795",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-42795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-42795"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44487",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45648",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-45648",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45648.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-45648"
    },
    {
      "cve": "CVE-2023-46589",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46589",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2024-6763",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Syntactic Correctness of Input",
          "title": "CWE-1286"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6763",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json"
        }
      ],
      "title": "CVE-2024-6763"
    },
    {
      "cve": "CVE-2024-8176",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8176",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8176.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-8176"
    },
    {
      "cve": "CVE-2024-8184",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8184.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-8184"
    },
    {
      "cve": "CVE-2024-9143",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9143",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
        }
      ],
      "title": "CVE-2024-9143"
    },
    {
      "cve": "CVE-2024-11053",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11053",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11053"
    },
    {
      "cve": "CVE-2024-11233",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11233",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11233.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11233"
    },
    {
      "cve": "CVE-2024-11234",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
          "title": "CWE-74"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11234",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11234.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11234"
    },
    {
      "cve": "CVE-2024-11236",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11236",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11236.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11236"
    },
    {
      "cve": "CVE-2024-13176",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "notes": [
        {
          "category": "other",
          "text": "Covert Timing Channel",
          "title": "CWE-385"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-13176",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13176.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-13176"
    },
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23672",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-36114",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36114",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-36114"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-39338",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-39338",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39338.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-39338"
    },
    {
      "cve": "CVE-2024-47554",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47554",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2024-47561",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47561",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-47561"
    },
    {
      "cve": "CVE-2024-53382",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-53382",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53382.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-53382"
    },
    {
      "cve": "CVE-2024-57699",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-57699",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-57699"
    },
    {
      "cve": "CVE-2025-21578",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21578",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21578.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-21578"
    },
    {
      "cve": "CVE-2025-24813",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
          "title": "CWE-44"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Use of Incorrectly-Resolved Name or Reference",
          "title": "CWE-706"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24813",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24813.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-24813"
    },
    {
      "cve": "CVE-2025-24970",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24970",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-24970"
    },
    {
      "cve": "CVE-2025-25193",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-25193",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25193.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-25193"
    },
    {
      "cve": "CVE-2025-26791",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-26791",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26791.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-26791"
    },
    {
      "cve": "CVE-2025-30694",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30694",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30694.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30694"
    },
    {
      "cve": "CVE-2025-30701",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30701",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30701.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30701"
    },
    {
      "cve": "CVE-2025-30702",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30702",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30702.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30702"
    },
    {
      "cve": "CVE-2025-30733",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30733",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30733.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30733"
    },
    {
      "cve": "CVE-2025-30736",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30736",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30736.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30736"
    }
  ]
}

NCSC-2025-0127

Vulnerability from csaf_ncscnl - Published: 2025-04-16 15:00 - Updated: 2025-04-16 15:00

Summary

Kwetsbaarheden verholpen in Oracle Financial Services

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in verschillende Financial Services producten

Interpretaties: De kwetsbaarheden stellen niet-geauthenticeerde kwaadwillenden in staat om via HTTP toegang te krijgen tot kritieke gegevens, wat kan leiden tot ongeautoriseerde gegevenstoegang en andere beveiligingsrisico's. Kwaadwillenden kunnen ook gebruik maken van misconfiguraties en kwetsbaarheden in de software om privilege-escalatie, denial-of-service en remote code execution uit te voeren.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-670: Always-Incorrect Control Flow Implementation

CWE-676: Use of Potentially Dangerous Function

CWE-921: Storage of Sensitive Data in a Mechanism without Access Control

CWE-922: Insecure Storage of Sensitive Information

CWE-669: Incorrect Resource Transfer Between Spheres

CWE-178: Improper Handling of Case Sensitivity

CWE-303: Incorrect Implementation of Authentication Algorithm

CWE-732: Incorrect Permission Assignment for Critical Resource

CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition

CWE-680: Integer Overflow to Buffer Overflow

CWE-639: Authorization Bypass Through User-Controlled Key

CWE-404: Improper Resource Shutdown or Release

CWE-284: Improper Access Control

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-400: Uncontrolled Resource Consumption

CWE-502: Deserialization of Untrusted Data

CWE-674: Uncontrolled Recursion

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-611: Improper Restriction of XML External Entity Reference

CWE-121: Stack-based Buffer Overflow

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-20: Improper Input Validation

CVE-2021-28170

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-20 - Improper Input Validation

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2023-39410

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-502 - Deserialization of Untrusted Data

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2023-49582

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-732 - Incorrect Permission Assignment for Critical Resource

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-5206

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-921 - Storage of Sensitive Data in a Mechanism without Access Control

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-28168

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-28219

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-35195

5.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N

CWE-670 - Always-Incorrect Control Flow Implementation

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-37891

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-669 - Incorrect Resource Transfer Between Spheres

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-38819

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-38820

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-38827

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-47072

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-47554

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-56128

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-303 - Incorrect Implementation of Authentication Algorithm

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-56337

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2024-57699

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2025-21573

6.0 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2025-23184

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

CVE-2025-24970

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 44 products

Product	Identifier	Version
vers:unknown/8.1.2.7.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.2.7.0
vers:unknown/8.1.3.0 Oracle / Oracle / Financial Services Model Management and Governance		vers:unknown/8.1.3.0
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.7.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:::::::*`	vers:oracle/8.1.2.7.0
vers:oracle/8.1.3.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Model Management and Governance	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:::::::*`	vers:oracle/8.1.3.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking APIs	`cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:oracle/21.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:::::::*`	vers:oracle/21.1.0.0.0
vers:oracle/22.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:::::::*`	vers:oracle/22.1.0.0.0
vers:oracle/22.2.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Digital Experience	`cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:::::::*`	vers:oracle/22.2.0.0.0
vers:unknown/8.0.7.8 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.7.8
vers:unknown/8.0.8.6 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.0.8.6
vers:unknown/8.1.1.4 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.1.4
vers:oracle/8.0.7.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:::::::*`	vers:oracle/8.0.7.8
vers:unknown/8.1.2.5 Oracle / Oracle / Financial Services Analytical Applications Infrastructure		vers:unknown/8.1.2.5
vers:oracle/8.0.8.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:::::::*`	vers:oracle/8.0.8.6
vers:oracle/8.1.1.4 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:::::::*`	vers:oracle/8.1.1.4
vers:oracle/8.1.2.5 Oracle / Oracle Financial Services Applications / Oracle Financial Services Analytical Applications Infrastructure	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:::::::*`	vers:oracle/8.1.2.5
vers:oracle/5.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:::::::*`	vers:oracle/5.1.0.0.0
vers:oracle/6.1.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	vers:oracle/6.1.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Financial Services Revenue Management and Billing	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:::::::*`	vers:oracle/>=2.9.0.0.0\|<=7.0.0.0.0
vers:semver/5.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/5.1.0.0.0
vers:semver/6.1.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/6.1.0.0.0
vers:semver/7.0.0.0.0 Oracle Corporation / Oracle Financial Services Revenue Management and Billing		vers:semver/7.0.0.0.0
vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.4.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Corporate Lending Process Management	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Origination	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:::::::*`	vers:oracle/>=14.5.0.0.0\|<=14.7.0.0.0
vers:unknown/8.0.8.1 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.0.8.1
vers:unknown/8.1.2.7 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.7
vers:unknown/8.1.2.8 Oracle / Oracle / Financial Services Behavior Detection Platform		vers:unknown/8.1.2.8
vers:oracle/8.0.8.1 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	vers:oracle/8.0.8.1
vers:oracle/8.1.2.7 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	vers:oracle/8.1.2.7
vers:oracle/8.1.2.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:::::::*`	vers:oracle/8.1.2.8
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Behavior Detection Platform	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:::::::*`	vers:oracle/8.1.2.9
vers:oracle/8.0.8 Oracle / Oracle Financial Services Applications / Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8::::enterprise:::`	vers:oracle/8.0.8
vers:unknown/14.7.0.7.0 Oracle / Oracle / Banking Liquidity Management		vers:unknown/14.7.0.7.0
vers:oracle/14.7.0.7.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:::::::*`	vers:oracle/14.7.0.7.0
vers:oracle/14.7.5.0.0 Oracle / Oracle Financial Services Applications / Oracle Banking Liquidity Management	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:::::::*`	vers:oracle/14.7.5.0.0
vers:unknown/8.1.2.6 Oracle / Oracle / Financial Services Compliance Studio		vers:unknown/8.1.2.6
vers:oracle/8.1.2.6 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	vers:oracle/8.1.2.6
vers:oracle/8.1.2.9 Oracle / Oracle Financial Services Applications / Oracle Financial Services Compliance Studio	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:::::::*`	vers:oracle/8.1.2.9

References

20 references

URL	Category
https://www.oracle.com/security-alerts/cpuapr2025.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2021…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in verschillende Financial Services producten",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen niet-geauthenticeerde kwaadwillenden in staat om via HTTP toegang te krijgen tot kritieke gegevens, wat kan leiden tot ongeautoriseerde gegevenstoegang en andere beveiligingsrisico\u0027s. Kwaadwillenden kunnen ook gebruik maken van misconfiguraties en kwetsbaarheden in de software om privilege-escalatie, denial-of-service en remote code execution uit te voeren.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Always-Incorrect Control Flow Implementation",
        "title": "CWE-670"
      },
      {
        "category": "general",
        "text": "Use of Potentially Dangerous Function",
        "title": "CWE-676"
      },
      {
        "category": "general",
        "text": "Storage of Sensitive Data in a Mechanism without Access Control",
        "title": "CWE-921"
      },
      {
        "category": "general",
        "text": "Insecure Storage of Sensitive Information",
        "title": "CWE-922"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Incorrect Implementation of Authentication Algorithm",
        "title": "CWE-303"
      },
      {
        "category": "general",
        "text": "Incorrect Permission Assignment for Critical Resource",
        "title": "CWE-732"
      },
      {
        "category": "general",
        "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
        "title": "CWE-367"
      },
      {
        "category": "general",
        "text": "Integer Overflow to Buffer Overflow",
        "title": "CWE-680"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Financial Services",
    "tracking": {
      "current_release_date": "2025-04-16T15:00:12.952979Z",
      "generator": {
        "date": "2025-02-25T15:15:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.0"
        }
      },
      "id": "NCSC-2025-0127",
      "initial_release_date": "2025-04-16T15:00:12.952979Z",
      "revision_history": [
        {
          "date": "2025-04-16T15:00:12.952979Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.1.2.7.0",
                    "product": {
                      "name": "vers:unknown/8.1.2.7.0",
                      "product_id": "CSAFPID-2698335"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.1.3.0",
                    "product": {
                      "name": "vers:unknown/8.1.3.0",
                      "product_id": "CSAFPID-1838588"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Financial Services Model Management and Governance"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.0.7.8",
                    "product": {
                      "name": "vers:unknown/8.0.7.8",
                      "product_id": "CSAFPID-1838570"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.0.8.6",
                    "product": {
                      "name": "vers:unknown/8.0.8.6",
                      "product_id": "CSAFPID-1838583"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.1.1.4",
                    "product": {
                      "name": "vers:unknown/8.1.1.4",
                      "product_id": "CSAFPID-2698354"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.1.2.5",
                    "product": {
                      "name": "vers:unknown/8.1.2.5",
                      "product_id": "CSAFPID-1838577"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Financial Services Analytical Applications Infrastructure"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.0.8.1",
                    "product": {
                      "name": "vers:unknown/8.0.8.1",
                      "product_id": "CSAFPID-1199519"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.1.2.7",
                    "product": {
                      "name": "vers:unknown/8.1.2.7",
                      "product_id": "CSAFPID-1838573"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.1.2.8",
                    "product": {
                      "name": "vers:unknown/8.1.2.8",
                      "product_id": "CSAFPID-1838574"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Financial Services Behavior Detection Platform"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/14.7.0.7.0",
                    "product": {
                      "name": "vers:unknown/14.7.0.7.0",
                      "product_id": "CSAFPID-2698380"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Banking Liquidity Management"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/8.1.2.6",
                    "product": {
                      "name": "vers:unknown/8.1.2.6",
                      "product_id": "CSAFPID-1838589"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Financial Services Compliance Studio"
              }
            ],
            "category": "product_family",
            "name": "Oracle"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.2.6",
                    "product": {
                      "name": "vers:oracle/8.1.2.6",
                      "product_id": "CSAFPID-1839860",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.2.7",
                    "product": {
                      "name": "vers:oracle/8.1.2.7",
                      "product_id": "CSAFPID-1839857",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.2.7.0",
                    "product": {
                      "name": "vers:oracle/8.1.2.7.0",
                      "product_id": "CSAFPID-2699019",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.7.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.3.0",
                    "product": {
                      "name": "vers:oracle/8.1.3.0",
                      "product_id": "CSAFPID-1839858",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Financial Services Model Management and Governance"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/21.1.0.0.0",
                    "product": {
                      "name": "vers:oracle/21.1.0.0.0",
                      "product_id": "CSAFPID-2698953",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_apis:21.1.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/22.1.0.0.0",
                    "product": {
                      "name": "vers:oracle/22.1.0.0.0",
                      "product_id": "CSAFPID-2698951",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_apis:22.1.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/22.2.0.0.0",
                    "product": {
                      "name": "vers:oracle/22.2.0.0.0",
                      "product_id": "CSAFPID-2698952",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_apis:22.2.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Banking APIs"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/21.1.0.0.0",
                    "product": {
                      "name": "vers:oracle/21.1.0.0.0",
                      "product_id": "CSAFPID-2698992",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_digital_experience:21.1.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/22.1.0.0.0",
                    "product": {
                      "name": "vers:oracle/22.1.0.0.0",
                      "product_id": "CSAFPID-2698990",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.1.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/22.2.0.0.0",
                    "product": {
                      "name": "vers:oracle/22.2.0.0.0",
                      "product_id": "CSAFPID-2698994",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_digital_experience:22.2.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Banking Digital Experience"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.0.7.8",
                    "product": {
                      "name": "vers:oracle/8.0.7.8",
                      "product_id": "CSAFPID-1839976",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.8:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.0.8.6",
                    "product": {
                      "name": "vers:oracle/8.0.8.6",
                      "product_id": "CSAFPID-1839966",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.6:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.1.4",
                    "product": {
                      "name": "vers:oracle/8.1.1.4",
                      "product_id": "CSAFPID-2699017",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1.4:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.2.5",
                    "product": {
                      "name": "vers:oracle/8.1.2.5",
                      "product_id": "CSAFPID-1839974",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2.5:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Financial Services Analytical Applications Infrastructure"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/5.1.0.0.0",
                    "product": {
                      "name": "vers:oracle/5.1.0.0.0",
                      "product_id": "CSAFPID-2699099",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:5.1.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/6.1.0.0.0",
                    "product": {
                      "name": "vers:oracle/6.1.0.0.0",
                      "product_id": "CSAFPID-2699100",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.0.0.0.0",
                    "product": {
                      "name": "vers:oracle/7.0.0.0.0",
                      "product_id": "CSAFPID-2699101",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:7.0.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=2.9.0.0.0|\u003c=7.0.0.0.0",
                    "product": {
                      "name": "vers:oracle/\u003e=2.9.0.0.0|\u003c=7.0.0.0.0",
                      "product_id": "CSAFPID-1839884",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.9.0.0.0-7.0.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Financial Services Revenue Management and Billing"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=14.4.0.0.0|\u003c=14.7.0.0.0",
                    "product": {
                      "name": "vers:oracle/\u003e=14.4.0.0.0|\u003c=14.7.0.0.0",
                      "product_id": "CSAFPID-1839866",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
                    "product": {
                      "name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
                      "product_id": "CSAFPID-2698995",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Banking Corporate Lending Process Management"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
                    "product": {
                      "name": "vers:oracle/\u003e=14.5.0.0.0|\u003c=14.7.0.0.0",
                      "product_id": "CSAFPID-1839867",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_origination:14.5.0.0.0-14.7.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Banking Origination"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.0.8.1",
                    "product": {
                      "name": "vers:oracle/8.0.8.1",
                      "product_id": "CSAFPID-1839881",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.2.7",
                    "product": {
                      "name": "vers:oracle/8.1.2.7",
                      "product_id": "CSAFPID-1839880",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.2.8",
                    "product": {
                      "name": "vers:oracle/8.1.2.8",
                      "product_id": "CSAFPID-1839882",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.2.9",
                    "product": {
                      "name": "vers:oracle/8.1.2.9",
                      "product_id": "CSAFPID-2698954",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.9:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Financial Services Behavior Detection Platform"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.0.8",
                    "product": {
                      "name": "vers:oracle/8.0.8",
                      "product_id": "CSAFPID-1839878",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.8:*:*:*:enterprise:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/14.7.0.7.0",
                    "product": {
                      "name": "vers:oracle/14.7.0.7.0",
                      "product_id": "CSAFPID-2698938",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.7.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/14.7.5.0.0",
                    "product": {
                      "name": "vers:oracle/14.7.5.0.0",
                      "product_id": "CSAFPID-1839923",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:banking_liquidity_management:14.7.5.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Banking Liquidity Management"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.2.6",
                    "product": {
                      "name": "vers:oracle/8.1.2.6",
                      "product_id": "CSAFPID-1839871",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/8.1.2.9",
                    "product": {
                      "name": "vers:oracle/8.1.2.9",
                      "product_id": "CSAFPID-2699005",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.9:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Financial Services Compliance Studio"
              }
            ],
            "category": "product_family",
            "name": "Oracle Financial Services Applications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:semver/5.1.0.0.0",
                "product": {
                  "name": "vers:semver/5.1.0.0.0",
                  "product_id": "CSAFPID-2698450"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/6.1.0.0.0",
                "product": {
                  "name": "vers:semver/6.1.0.0.0",
                  "product_id": "CSAFPID-2698451"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/7.0.0.0.0",
                "product": {
                  "name": "vers:semver/7.0.0.0.0",
                  "product_id": "CSAFPID-2698452"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Financial Services Revenue Management and Billing"
          }
        ],
        "category": "vendor",
        "name": "Oracle Corporation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-28170",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-28170",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-28170.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2021-28170"
    },
    {
      "cve": "CVE-2023-39410",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-39410",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2023-39410"
    },
    {
      "cve": "CVE-2023-49582",
      "cwe": {
        "id": "CWE-732",
        "name": "Incorrect Permission Assignment for Critical Resource"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Permission Assignment for Critical Resource",
          "title": "CWE-732"
        },
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-49582",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49582.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2023-49582"
    },
    {
      "cve": "CVE-2024-5206",
      "cwe": {
        "id": "CWE-921",
        "name": "Storage of Sensitive Data in a Mechanism without Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Storage of Sensitive Data in a Mechanism without Access Control",
          "title": "CWE-921"
        },
        {
          "category": "other",
          "text": "Insecure Storage of Sensitive Information",
          "title": "CWE-922"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5206",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5206.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-5206"
    },
    {
      "cve": "CVE-2024-28168",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28168",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28168.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-28168"
    },
    {
      "cve": "CVE-2024-28219",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "other",
          "text": "Use of Potentially Dangerous Function",
          "title": "CWE-676"
        },
        {
          "category": "other",
          "text": "Integer Overflow to Buffer Overflow",
          "title": "CWE-680"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28219",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28219.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-28219"
    },
    {
      "cve": "CVE-2024-35195",
      "cwe": {
        "id": "CWE-670",
        "name": "Always-Incorrect Control Flow Implementation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Always-Incorrect Control Flow Implementation",
          "title": "CWE-670"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-35195",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38827",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38827",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-38827"
    },
    {
      "cve": "CVE-2024-47072",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47072",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47072.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-47072"
    },
    {
      "cve": "CVE-2024-47554",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47554",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2024-56128",
      "cwe": {
        "id": "CWE-303",
        "name": "Incorrect Implementation of Authentication Algorithm"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Implementation of Authentication Algorithm",
          "title": "CWE-303"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-56128",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56128.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-56128"
    },
    {
      "cve": "CVE-2024-56337",
      "cwe": {
        "id": "CWE-367",
        "name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
          "title": "CWE-367"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-56337",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-56337"
    },
    {
      "cve": "CVE-2024-57699",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-57699",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2024-57699"
    },
    {
      "cve": "CVE-2025-21573",
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21573",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21573.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2025-21573"
    },
    {
      "cve": "CVE-2025-23184",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-23184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23184.json"
        }
      ],
      "title": "CVE-2025-23184"
    },
    {
      "cve": "CVE-2025-24970",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-2698335",
          "CSAFPID-1838588",
          "CSAFPID-1839860",
          "CSAFPID-1839857",
          "CSAFPID-2699019",
          "CSAFPID-1839858",
          "CSAFPID-2698953",
          "CSAFPID-2698951",
          "CSAFPID-2698952",
          "CSAFPID-2698992",
          "CSAFPID-2698990",
          "CSAFPID-2698994",
          "CSAFPID-1838570",
          "CSAFPID-1838583",
          "CSAFPID-2698354",
          "CSAFPID-1839976",
          "CSAFPID-1838577",
          "CSAFPID-1839966",
          "CSAFPID-2699017",
          "CSAFPID-1839974",
          "CSAFPID-2699099",
          "CSAFPID-2699100",
          "CSAFPID-2699101",
          "CSAFPID-1839884",
          "CSAFPID-2698450",
          "CSAFPID-2698451",
          "CSAFPID-2698452",
          "CSAFPID-1839866",
          "CSAFPID-2698995",
          "CSAFPID-1839867",
          "CSAFPID-1199519",
          "CSAFPID-1838573",
          "CSAFPID-1838574",
          "CSAFPID-1839881",
          "CSAFPID-1839880",
          "CSAFPID-1839882",
          "CSAFPID-2698954",
          "CSAFPID-1839878",
          "CSAFPID-2698380",
          "CSAFPID-2698938",
          "CSAFPID-1839923",
          "CSAFPID-1838589",
          "CSAFPID-1839871",
          "CSAFPID-2699005"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24970",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-2698335",
            "CSAFPID-1838588",
            "CSAFPID-1839860",
            "CSAFPID-1839857",
            "CSAFPID-2699019",
            "CSAFPID-1839858",
            "CSAFPID-2698953",
            "CSAFPID-2698951",
            "CSAFPID-2698952",
            "CSAFPID-2698992",
            "CSAFPID-2698990",
            "CSAFPID-2698994",
            "CSAFPID-1838570",
            "CSAFPID-1838583",
            "CSAFPID-2698354",
            "CSAFPID-1839976",
            "CSAFPID-1838577",
            "CSAFPID-1839966",
            "CSAFPID-2699017",
            "CSAFPID-1839974",
            "CSAFPID-2699099",
            "CSAFPID-2699100",
            "CSAFPID-2699101",
            "CSAFPID-1839884",
            "CSAFPID-2698450",
            "CSAFPID-2698451",
            "CSAFPID-2698452",
            "CSAFPID-1839866",
            "CSAFPID-2698995",
            "CSAFPID-1839867",
            "CSAFPID-1199519",
            "CSAFPID-1838573",
            "CSAFPID-1838574",
            "CSAFPID-1839881",
            "CSAFPID-1839880",
            "CSAFPID-1839882",
            "CSAFPID-2698954",
            "CSAFPID-1839878",
            "CSAFPID-2698380",
            "CSAFPID-2698938",
            "CSAFPID-1839923",
            "CSAFPID-1838589",
            "CSAFPID-1839871",
            "CSAFPID-2699005"
          ]
        }
      ],
      "title": "CVE-2025-24970"
    }
  ]
}

NCSC-2025-0129

Vulnerability from csaf_ncscnl - Published: 2025-04-16 15:02 - Updated: 2025-04-16 15:02

Summary

Kwetsbaarheden verholpen in Oracle Analytics

Notes

Feiten: Oracle heeft kwetsbaarheden verholpen in Oracle Analytics.

Interpretaties: De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om toegang te krijgen tot gevoelige gegevens, Denial-of-Service aan te richten, en zelfs volledige controle over systemen te verkrijgen. Specifieke kwetsbaarheden in Oracle Business Intelligence Enterprise Edition kunnen leiden tot ongeautoriseerde toegang en manipulatie van gegevens via HTTP. Daarnaast zijn er kwetsbaarheden die Denial-of-Service kunnen veroorzaken door onjuiste invoer of misbruik van systeemfunctionaliteiten.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-399: CWE-399

CWE-669: Incorrect Resource Transfer Between Spheres

CWE-178: Improper Handling of Case Sensitivity

CWE-311: Missing Encryption of Sensitive Data

CWE-639: Authorization Bypass Through User-Controlled Key

CWE-125: Out-of-bounds Read

CWE-404: Improper Resource Shutdown or Release

CWE-284: Improper Access Control

CWE-401: Missing Release of Memory after Effective Lifetime

CWE-94: Improper Control of Generation of Code ('Code Injection')

CWE-400: Uncontrolled Resource Consumption

CWE-770: Allocation of Resources Without Limits or Throttling

CWE-502: Deserialization of Untrusted Data

CWE-787: Out-of-bounds Write

CWE-73: External Control of File Name or Path

CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-20: Improper Input Validation

CWE-87: Improper Neutralization of Alternate XSS Syntax

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2022-36033

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-87 - Improper Neutralization of Alternate XSS Syntax

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2023-24998

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2023-25399

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-401 - Missing Release of Memory after Effective Lifetime

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2023-38546

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-73 - External Control of File Name or Path

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2023-52428

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2024-7264

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2024-9143

CWE-787 - Out-of-bounds Write

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2024-30172

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2024-32007

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-404 - Improper Resource Shutdown or Release

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2024-37891

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-669 - Incorrect Resource Transfer Between Spheres

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2024-38820

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2024-38827

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2024-52046

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2025-30723

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

CVE-2025-30724

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Known affected 14 products

Product	Identifier	Version
vers:oracle/12.2.1.4.0 Oracle / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::`	vers:oracle/12.2.1.4.0
vers:oracle/6.4.0.0.0 Oracle / Oracle Business Intelligence Enterprise Edition		vers:oracle/6.4.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0::::enterprise:::`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle Business Intelligence Enterprise Edition	`cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0::::enterprise:::`	vers:oracle/7.6.0.0.0
vers:unknown/12.2.1.4.0 Oracle / Oracle / BI Publisher		vers:unknown/12.2.1.4.0
vers:unknown/7.6.0.0.0 Oracle / Oracle / BI Publisher		vers:unknown/7.6.0.0.0
vers:oracle/12.2.1.4.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:::::::*`	vers:oracle/12.2.1.4.0
vers:oracle/7.0.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.0.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:::::::*`	vers:oracle/7.0.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle Analytics / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:oracle/7.6.0.0.0 Oracle / Oracle BI Publisher	`cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:::::::*`	vers:oracle/7.6.0.0.0
vers:semver/12.2.1.4.0 Oracle Corporation / Oracle BI Publisher		vers:semver/12.2.1.4.0
vers:semver/7.6.0.0.0 Oracle Corporation / Oracle BI Publisher		vers:semver/7.6.0.0.0

References

16 references

URL	Category
https://www.oracle.com/security-alerts/cpuapr2025.html	external
https://api.ncsc.nl/velma/v1/vulnerabilities/2022…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2023…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2024…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self
https://api.ncsc.nl/velma/v1/vulnerabilities/2025…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in Oracle Analytics.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om toegang te krijgen tot gevoelige gegevens, Denial-of-Service aan te richten, en zelfs volledige controle over systemen te verkrijgen. Specifieke kwetsbaarheden in Oracle Business Intelligence Enterprise Edition kunnen leiden tot ongeautoriseerde toegang en manipulatie van gegevens via HTTP. Daarnaast zijn er kwetsbaarheden die Denial-of-Service kunnen veroorzaken door onjuiste invoer of misbruik van systeemfunctionaliteiten.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "CWE-399",
        "title": "CWE-399"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Missing Encryption of Sensitive Data",
        "title": "CWE-311"
      },
      {
        "category": "general",
        "text": "Authorization Bypass Through User-Controlled Key",
        "title": "CWE-639"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Missing Release of Memory after Effective Lifetime",
        "title": "CWE-401"
      },
      {
        "category": "general",
        "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
        "title": "CWE-94"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "External Control of File Name or Path",
        "title": "CWE-73"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Alternate XSS Syntax",
        "title": "CWE-87"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Analytics",
    "tracking": {
      "current_release_date": "2025-04-16T15:02:22.596981Z",
      "generator": {
        "date": "2025-02-25T15:15:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.0"
        }
      },
      "id": "NCSC-2025-0129",
      "initial_release_date": "2025-04-16T15:02:22.596981Z",
      "revision_history": [
        {
          "date": "2025-04-16T15:02:22.596981Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/12.2.1.4.0",
                "product": {
                  "name": "vers:oracle/12.2.1.4.0",
                  "product_id": "CSAFPID-1144583",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/6.4.0.0.0",
                "product": {
                  "name": "vers:oracle/6.4.0.0.0",
                  "product_id": "CSAFPID-1144584"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Business Intelligence Enterprise Edition"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.2.1.4.0",
                    "product": {
                      "name": "vers:oracle/12.2.1.4.0",
                      "product_id": "CSAFPID-1839844",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.0.0.0.0",
                    "product": {
                      "name": "vers:oracle/7.0.0.0.0",
                      "product_id": "CSAFPID-1839843",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.6.0.0.0",
                    "product": {
                      "name": "vers:oracle/7.6.0.0.0",
                      "product_id": "CSAFPID-1839853",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Business Intelligence Enterprise Edition"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.2.1.4.0",
                    "product": {
                      "name": "vers:oracle/12.2.1.4.0",
                      "product_id": "CSAFPID-2698946",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.0.0.0.0",
                    "product": {
                      "name": "vers:oracle/7.0.0.0.0",
                      "product_id": "CSAFPID-1839839",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/7.6.0.0.0",
                    "product": {
                      "name": "vers:oracle/7.6.0.0.0",
                      "product_id": "CSAFPID-1839840",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle BI Publisher"
              }
            ],
            "category": "product_family",
            "name": "Oracle Analytics"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/12.2.1.4.0",
                    "product": {
                      "name": "vers:unknown/12.2.1.4.0",
                      "product_id": "CSAFPID-1215050"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/7.6.0.0.0",
                    "product": {
                      "name": "vers:unknown/7.6.0.0.0",
                      "product_id": "CSAFPID-1838786"
                    }
                  }
                ],
                "category": "product_name",
                "name": "BI Publisher"
              }
            ],
            "category": "product_family",
            "name": "Oracle"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/7.0.0.0.0",
                "product": {
                  "name": "vers:oracle/7.0.0.0.0",
                  "product_id": "CSAFPID-1145643",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/7.6.0.0.0",
                "product": {
                  "name": "vers:oracle/7.6.0.0.0",
                  "product_id": "CSAFPID-1173987",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle BI Publisher"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:semver/12.2.1.4.0",
                "product": {
                  "name": "vers:semver/12.2.1.4.0",
                  "product_id": "CSAFPID-2698635"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/7.6.0.0.0",
                "product": {
                  "name": "vers:semver/7.6.0.0.0",
                  "product_id": "CSAFPID-2698634"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle BI Publisher"
          }
        ],
        "category": "vendor",
        "name": "Oracle Corporation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-36033",
      "cwe": {
        "id": "CWE-87",
        "name": "Improper Neutralization of Alternate XSS Syntax"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Alternate XSS Syntax",
          "title": "CWE-87"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-36033",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2022-36033"
    },
    {
      "cve": "CVE-2023-24998",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "CWE-399",
          "title": "CWE-399"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-24998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
        }
      ],
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-25399",
      "cwe": {
        "id": "CWE-401",
        "name": "Missing Release of Memory after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Memory after Effective Lifetime",
          "title": "CWE-401"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-25399",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-25399.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2023-25399"
    },
    {
      "cve": "CVE-2023-38546",
      "cwe": {
        "id": "CWE-73",
        "name": "External Control of File Name or Path"
      },
      "notes": [
        {
          "category": "other",
          "text": "External Control of File Name or Path",
          "title": "CWE-73"
        },
        {
          "category": "other",
          "text": "Missing Encryption of Sensitive Data",
          "title": "CWE-311"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-38546",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38546.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2023-38546"
    },
    {
      "cve": "CVE-2023-52428",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52428",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2023-52428"
    },
    {
      "cve": "CVE-2024-7264",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7264",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2024-7264"
    },
    {
      "cve": "CVE-2024-9143",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9143",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
        }
      ],
      "title": "CVE-2024-9143"
    },
    {
      "cve": "CVE-2024-30172",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-30172",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2024-30172"
    },
    {
      "cve": "CVE-2024-32007",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-32007",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32007.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2024-32007"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38827",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authorization Bypass Through User-Controlled Key",
          "title": "CWE-639"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38827",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38827.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2024-38827"
    },
    {
      "cve": "CVE-2024-52046",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        },
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52046",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52046.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2024-52046"
    },
    {
      "cve": "CVE-2025-30723",
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30723",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30723.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2025-30723"
    },
    {
      "cve": "CVE-2025-30724",
      "product_status": {
        "known_affected": [
          "CSAFPID-1144583",
          "CSAFPID-1839844",
          "CSAFPID-1144584",
          "CSAFPID-1839843",
          "CSAFPID-1839853",
          "CSAFPID-1215050",
          "CSAFPID-1838786",
          "CSAFPID-2698946",
          "CSAFPID-1145643",
          "CSAFPID-1839839",
          "CSAFPID-1839840",
          "CSAFPID-1173987",
          "CSAFPID-2698635",
          "CSAFPID-2698634"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30724",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30724.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1144583",
            "CSAFPID-1839844",
            "CSAFPID-1144584",
            "CSAFPID-1839843",
            "CSAFPID-1839853",
            "CSAFPID-1215050",
            "CSAFPID-1838786",
            "CSAFPID-2698946",
            "CSAFPID-1145643",
            "CSAFPID-1839839",
            "CSAFPID-1839840",
            "CSAFPID-1173987",
            "CSAFPID-2698635",
            "CSAFPID-2698634"
          ]
        }
      ],
      "title": "CVE-2025-30724"
    }
  ]
}

WID-SEC-W-2024-3237

Vulnerability from csaf_certbund - Published: 2024-10-17 22:00 - Updated: 2026-05-12 22:00

Summary

VMware Tanzu Spring Framework: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Das Spring Framework bietet ein Entwicklungsmodell für Java mit Infrastrukturunterstützung auf Anwendungsebene.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Framework ausnutzen, um Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen.

Betroffene Betriebssysteme: - Linux - Sonstiges - UNIX - Windows

CVE-2024-38819

Affected products

Known affected 30 products

Product	Identifier	Version
VMware Tanzu Spring Framework <6.0.25 VMware Tanzu / Spring Framework		<6.0.25
VMware Tanzu Spring Framework <6.1.14 VMware Tanzu / Spring Framework		<6.1.14
Hitachi Ops Center Hitachi / Ops Center	`cpe:/a:hitachi:ops_center:-`	—
Dell NetWorker <19.13 Dell / NetWorker		<19.13
Adobe Experience Manager Forms <6.5.22.0 (AEMForms-6.5.0-0095) Adobe / Experience Manager Forms		<6.5.22.0 (AEMForms-6.5.0-0095)
HCL Commerce 9.1.0-9.1.19.0 HCL / Commerce	`cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.19.0`	9.1.0-9.1.19.0
RealObjects PDFreactor <12.0.1 RealObjects / PDFreactor		<12.0.1
IBM Operational Decision Manager IBM	`cpe:/a:ibm:operational_decision_manager:-`	—
HCL BigFix Service Management HCL / BigFix	`cpe:/a:hcltech:bigfix:service_management`	Service Management
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Hitachi Ops Center <11.0.4-00 Hitachi / Ops Center		<11.0.4-00
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Atlassian Confluence <9.2.0 (LTS) Atlassian / Confluence		<9.2.0 (LTS)
IBM InfoSphere Information Server IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:-`	—
Atlassian Bitbucket Data Center <8.9.24 (LTS) Atlassian / Bitbucket		Data Center <8.9.24 (LTS)
Atlassian Bitbucket Data Center <9.4.2 (LTS) Atlassian / Bitbucket		Data Center <9.4.2 (LTS)
Atlassian Bitbucket Data Center <9.5.0 Atlassian / Bitbucket		Data Center <9.5.0
Atlassian Confluence <7.19.30 Atlassian / Confluence		<7.19.30
Red Hat Integration Camel for Spring Boot 1 Red Hat / Integration	`cpe:/a:redhat:integration:camel_for_spring_boot_1`	Camel for Spring Boot 1
Atlassian Confluence <8.5.18 Atlassian / Confluence		<8.5.18
NetApp ActiveIQ Unified Manager NetApp / ActiveIQ Unified Manager	`cpe:/a:netapp:active_iq_unified_manager:-`	—
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16
VMware Tanzu Spring Framework <5.3.41 VMware Tanzu / Spring Framework		<5.3.41
NetApp ActiveIQ Unified Manager NetApp / ActiveIQ Unified Manager	`cpe:/a:netapp:active_iq_unified_manager:for_linux`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
Atlassian Confluence <7.19.30 (LTS) Atlassian / Confluence		<7.19.30 (LTS)
Atlassian Confluence <8.5.18 (LTS) Atlassian / Confluence		<8.5.18 (LTS)
SolarWinds Security Event Manager <2025.4 SolarWinds / Security Event Manager		<2025.4

CVE-2024-38820

Affected products

Known affected 30 products

Product	Identifier	Version
VMware Tanzu Spring Framework <6.0.25 VMware Tanzu / Spring Framework		<6.0.25
VMware Tanzu Spring Framework <6.1.14 VMware Tanzu / Spring Framework		<6.1.14
Hitachi Ops Center Hitachi / Ops Center	`cpe:/a:hitachi:ops_center:-`	—
Dell NetWorker <19.13 Dell / NetWorker		<19.13
Adobe Experience Manager Forms <6.5.22.0 (AEMForms-6.5.0-0095) Adobe / Experience Manager Forms		<6.5.22.0 (AEMForms-6.5.0-0095)
HCL Commerce 9.1.0-9.1.19.0 HCL / Commerce	`cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.19.0`	9.1.0-9.1.19.0
RealObjects PDFreactor <12.0.1 RealObjects / PDFreactor		<12.0.1
IBM Operational Decision Manager IBM	`cpe:/a:ibm:operational_decision_manager:-`	—
HCL BigFix Service Management HCL / BigFix	`cpe:/a:hcltech:bigfix:service_management`	Service Management
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Hitachi Ops Center <11.0.4-00 Hitachi / Ops Center		<11.0.4-00
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Atlassian Confluence <9.2.0 (LTS) Atlassian / Confluence		<9.2.0 (LTS)
IBM InfoSphere Information Server IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:-`	—
Atlassian Bitbucket Data Center <8.9.24 (LTS) Atlassian / Bitbucket		Data Center <8.9.24 (LTS)
Atlassian Bitbucket Data Center <9.4.2 (LTS) Atlassian / Bitbucket		Data Center <9.4.2 (LTS)
Atlassian Bitbucket Data Center <9.5.0 Atlassian / Bitbucket		Data Center <9.5.0
Atlassian Confluence <7.19.30 Atlassian / Confluence		<7.19.30
Red Hat Integration Camel for Spring Boot 1 Red Hat / Integration	`cpe:/a:redhat:integration:camel_for_spring_boot_1`	Camel for Spring Boot 1
Atlassian Confluence <8.5.18 Atlassian / Confluence		<8.5.18
NetApp ActiveIQ Unified Manager NetApp / ActiveIQ Unified Manager	`cpe:/a:netapp:active_iq_unified_manager:-`	—
Dell Secure Connect Gateway <5.34.00.16 Dell / Secure Connect Gateway		<5.34.00.16
VMware Tanzu Spring Framework <5.3.41 VMware Tanzu / Spring Framework		<5.3.41
NetApp ActiveIQ Unified Manager NetApp / ActiveIQ Unified Manager	`cpe:/a:netapp:active_iq_unified_manager:for_linux`	—
IBM InfoSphere Information Server 11.7 IBM / InfoSphere Information Server	`cpe:/a:ibm:infosphere_information_server:11.7`	11.7
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
Atlassian Confluence <7.19.30 (LTS) Atlassian / Confluence		<7.19.30 (LTS)
Atlassian Confluence <8.5.18 (LTS) Atlassian / Confluence		<8.5.18 (LTS)
SolarWinds Security Event Manager <2025.4 SolarWinds / Security Event Manager		<2025.4

References

24 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://security.netapp.com/advisory/ntap-2025011…	external
https://jira.atlassian.com/browse/CONFSERVER-98564	external
https://github.com/masa42/CVE-2024-38819-POC	external
https://spring.io/blog/2024/10/17/spring-framewor…	external
https://www.pdfreactor.com/pdfreactor-12-hotfix-r…	external
https://access.redhat.com/errata/RHSA-2024:10700	external
https://confluence.atlassian.com/security/securit…	external
https://www.ibm.com/support/pages/node/7185046	external
https://www.ibm.com/support/pages/node/7229205	external
https://helpx.adobe.com/security/products/aem-for…	external
https://www.hitachi.com/products/it/software/secu…	external
https://security.netapp.com/advisory/NTAP-20241129-0003	external
https://www.dell.com/support/kbdoc/de-de/00033804…	external
https://support.hcl-software.com/community?id=com…	external
https://www.hitachi.com/products/it/software/secu…	external
https://www.ibm.com/support/pages/node/7246096	external
https://www.ibm.com/support/pages/node/7247442	external
https://documentation.solarwinds.com/en/success_c…	external
https://confluence.atlassian.com/security/securit…	external
https://www.ibm.com/support/pages/node/7252567	external
https://www.dell.com/support/kbdoc/de-de/00044324…	external
https://support.hcl-software.com/community?id=com…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Das Spring Framework bietet ein Entwicklungsmodell f\u00fcr Java mit Infrastrukturunterst\u00fctzung auf Anwendungsebene.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in VMware Tanzu Spring Framework ausnutzen, um Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3237 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3237.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3237 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3237"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20250110-0010 vom 2025-01-10",
        "url": "https://security.netapp.com/advisory/ntap-20250110-0010/"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Advisory CONFSERVER-98564 vom 2024-12-19",
        "url": "https://jira.atlassian.com/browse/CONFSERVER-98564"
      },
      {
        "category": "external",
        "summary": "PoC auf GitHub vom 2024-12-17",
        "url": "https://github.com/masa42/CVE-2024-38819-POC"
      },
      {
        "category": "external",
        "summary": "Spring blog vom 2024-10-17",
        "url": "https://spring.io/blog/2024/10/17/spring-framework-cve-2024-38819-and-cve-2024-38820-published"
      },
      {
        "category": "external",
        "summary": "PDFreactor 12 Hotfix Release vom 2024-11-13",
        "url": "https://www.pdfreactor.com/pdfreactor-12-hotfix-release-12-0-1-now-available/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10700 vom 2024-12-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:10700"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Advisory BSERV-19781 vom 2025-01-21",
        "url": "https://confluence.atlassian.com/security/security-bulletin-january-21-2025-1489803942.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7185046 vom 2025-03-28",
        "url": "https://www.ibm.com/support/pages/node/7185046"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7229205 vom 2025-04-05",
        "url": "https://www.ibm.com/support/pages/node/7229205"
      },
      {
        "category": "external",
        "summary": "Adobe Security Bulletin APSB25-27 vom 2025-04-08",
        "url": "https://helpx.adobe.com/security/products/aem-forms/apsb25-27.html"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-113 vom 2025-05-15",
        "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-113/index.html"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20241129-0003 vom 2025-06-20",
        "url": "https://security.netapp.com/advisory/NTAP-20241129-0003"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-258 vom 2025-06-30",
        "url": "https://www.dell.com/support/kbdoc/de-de/000338043/dsa-2025-258-security-update-for-dell-networker-multiple-third-party-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin vom 2025-08-28",
        "url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=d45b6a4b93636e901254f0cd1dba10f2"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-127 vom 2025-09-30",
        "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-127/index.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7246096 vom 2025-09-29",
        "url": "https://www.ibm.com/support/pages/node/7246096"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7183042 vom 2025-10-08",
        "url": "https://www.ibm.com/support/pages/node/7247442"
      },
      {
        "category": "external",
        "summary": "Solarwinds SEM 2025.4 release notes vom 2025-10-14",
        "url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2025-4_release_notes.htm"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Bulletin - November 18 2025",
        "url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7252567 vom 2025-11-26",
        "url": "https://www.ibm.com/support/pages/node/7252567"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2026-152 vom 2026-03-23",
        "url": "https://www.dell.com/support/kbdoc/de-de/000443243/dsa-2026-152-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin vom 2026-05-12",
        "url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=2f600efd2bf4c7900c64f1a1d891bf19"
      }
    ],
    "source_lang": "en-US",
    "title": "VMware Tanzu Spring Framework: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-05-12T22:00:00.000+00:00",
      "generator": {
        "date": "2026-05-13T08:12:10.257+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2024-3237",
      "initial_release_date": "2024-10-17T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-10-17T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-11-13T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2024-12-02T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-17T23:00:00.000+00:00",
          "number": "4",
          "summary": "PoC aufgenommen"
        },
        {
          "date": "2024-12-18T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Atlassian aufgenommen"
        },
        {
          "date": "2025-01-09T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2025-01-21T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Atlassian aufgenommen"
        },
        {
          "date": "2025-03-30T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-04-06T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-04-08T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Adobe aufgenommen"
        },
        {
          "date": "2025-04-09T22:00:00.000+00:00",
          "number": "11",
          "summary": "Doppelte Eintragung bereinigt"
        },
        {
          "date": "2025-05-14T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von HITACHI aufgenommen"
        },
        {
          "date": "2025-06-22T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2025-06-29T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2025-08-28T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-09-29T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von HITACHI und IBM aufgenommen"
        },
        {
          "date": "2025-10-08T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-10-13T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-11-18T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-11-25T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-11-30T23:00:00.000+00:00",
          "number": "21",
          "summary": "Referenz(en) aufgenommen: 7253216"
        },
        {
          "date": "2026-03-23T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2026-05-12T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates aufgenommen"
        }
      ],
      "status": "final",
      "version": "23"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c6.5.22.0 (AEMForms-6.5.0-0095)",
                "product": {
                  "name": "Adobe Experience Manager Forms \u003c6.5.22.0 (AEMForms-6.5.0-0095)",
                  "product_id": "T042514"
                }
              },
              {
                "category": "product_version",
                "name": "6.5.22.0 (AEMForms-6.5.0-0095)",
                "product": {
                  "name": "Adobe Experience Manager Forms 6.5.22.0 (AEMForms-6.5.0-0095)",
                  "product_id": "T042514-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:adobe:aem_forms:6.5.22.0_%28aemforms-6.5.0-0095%29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Experience Manager Forms"
          }
        ],
        "category": "vendor",
        "name": "Adobe"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Data Center \u003c9.5.0",
                "product": {
                  "name": "Atlassian Bitbucket Data Center \u003c9.5.0",
                  "product_id": "T040536"
                }
              },
              {
                "category": "product_version",
                "name": "Data Center 9.5.0",
                "product": {
                  "name": "Atlassian Bitbucket Data Center 9.5.0",
                  "product_id": "T040536-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:data_center__9.5.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center \u003c9.4.2 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket Data Center \u003c9.4.2 (LTS)",
                  "product_id": "T040537"
                }
              },
              {
                "category": "product_version",
                "name": "Data Center 9.4.2 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket Data Center 9.4.2 (LTS)",
                  "product_id": "T040537-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:data_center__9.4.2_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center \u003c8.9.24 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket Data Center \u003c8.9.24 (LTS)",
                  "product_id": "T040538"
                }
              },
              {
                "category": "product_version",
                "name": "Data Center 8.9.24 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket Data Center 8.9.24 (LTS)",
                  "product_id": "T040538-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:data_center__8.9.24_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket \u003c10.0.2",
                  "product_id": "T048675"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket 10.0.2",
                  "product_id": "T048675-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
                  "product_id": "T048676"
                }
              },
              {
                "category": "product_version",
                "name": "8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 8.19.25 (LTS)",
                  "product_id": "T048676-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
                  "product_id": "T048677"
                }
              },
              {
                "category": "product_version",
                "name": "9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 9.4.13 (LTS)",
                  "product_id": "T048677-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Bitbucket"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.5.18",
                "product": {
                  "name": "Atlassian Confluence \u003c8.5.18",
                  "product_id": "T039943"
                }
              },
              {
                "category": "product_version",
                "name": "8.5.18",
                "product": {
                  "name": "Atlassian Confluence 8.5.18",
                  "product_id": "T039943-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:8.5.18"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.19.30",
                "product": {
                  "name": "Atlassian Confluence \u003c7.19.30",
                  "product_id": "T039944"
                }
              },
              {
                "category": "product_version",
                "name": "7.19.30",
                "product": {
                  "name": "Atlassian Confluence 7.19.30",
                  "product_id": "T039944-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:7.19.30"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.2.0 (LTS)",
                "product": {
                  "name": "Atlassian Confluence \u003c9.2.0 (LTS)",
                  "product_id": "T040539"
                }
              },
              {
                "category": "product_version",
                "name": "9.2.0 (LTS)",
                "product": {
                  "name": "Atlassian Confluence 9.2.0 (LTS)",
                  "product_id": "T040539-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:9.2.0_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.5.18 (LTS)",
                "product": {
                  "name": "Atlassian Confluence \u003c8.5.18 (LTS)",
                  "product_id": "T040540"
                }
              },
              {
                "category": "product_version",
                "name": "8.5.18 (LTS)",
                "product": {
                  "name": "Atlassian Confluence 8.5.18 (LTS)",
                  "product_id": "T040540-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:8.5.18_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.19.30 (LTS)",
                "product": {
                  "name": "Atlassian Confluence \u003c7.19.30 (LTS)",
                  "product_id": "T040541"
                }
              },
              {
                "category": "product_version",
                "name": "7.19.30 (LTS)",
                "product": {
                  "name": "Atlassian Confluence 7.19.30 (LTS)",
                  "product_id": "T040541-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:confluence:7.19.30_%28lts%29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Confluence"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c19.13",
                "product": {
                  "name": "Dell NetWorker \u003c19.13",
                  "product_id": "T044954"
                }
              },
              {
                "category": "product_version",
                "name": "19.13",
                "product": {
                  "name": "Dell NetWorker 19.13",
                  "product_id": "T044954-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:networker:19.13"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c5.34.00.16",
                "product": {
                  "name": "Dell Secure Connect Gateway \u003c5.34.00.16",
                  "product_id": "T052048"
                }
              },
              {
                "category": "product_version",
                "name": "5.34.00.16",
                "product": {
                  "name": "Dell Secure Connect Gateway 5.34.00.16",
                  "product_id": "T052048-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:secure_connect_gateway:5.34.00.16"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Secure Connect Gateway"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Service Management",
                "product": {
                  "name": "HCL BigFix Service Management",
                  "product_id": "T046595",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:bigfix:service_management"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "BigFix"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "9.1.0-9.1.19.0",
                "product": {
                  "name": "HCL Commerce 9.1.0-9.1.19.0",
                  "product_id": "T053858",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltechsw:commerce:9.1.0_-_9.1.19.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Commerce"
          }
        ],
        "category": "vendor",
        "name": "HCL"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Hitachi Ops Center",
                "product": {
                  "name": "Hitachi Ops Center",
                  "product_id": "T038840",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hitachi:ops_center:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.4-00",
                "product": {
                  "name": "Hitachi Ops Center \u003c11.0.4-00",
                  "product_id": "T043089"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.4-00",
                "product": {
                  "name": "Hitachi Ops Center 11.0.4-00",
                  "product_id": "T043089-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hitachi:ops_center:11.0.4-00"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Ops Center"
          }
        ],
        "category": "vendor",
        "name": "Hitachi"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM Business Automation Workflow",
            "product": {
              "name": "IBM Business Automation Workflow",
              "product_id": "T019704",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:business_automation_workflow:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.7",
                "product": {
                  "name": "IBM InfoSphere Information Server 11.7",
                  "product_id": "444803",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM InfoSphere Information Server",
                "product": {
                  "name": "IBM InfoSphere Information Server",
                  "product_id": "T035705",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:infosphere_information_server:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "InfoSphere Information Server"
          },
          {
            "category": "product_name",
            "name": "IBM Operational Decision Manager",
            "product": {
              "name": "IBM Operational Decision Manager",
              "product_id": "T005180",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:operational_decision_manager:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "NetApp ActiveIQ Unified Manager",
                "product": {
                  "name": "NetApp ActiveIQ Unified Manager",
                  "product_id": "T016960",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "NetApp ActiveIQ Unified Manager",
                "product": {
                  "name": "NetApp ActiveIQ Unified Manager",
                  "product_id": "T023548",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:netapp:active_iq_unified_manager:for_linux"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ActiveIQ Unified Manager"
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c12.0.1",
                "product": {
                  "name": "RealObjects PDFreactor \u003c12.0.1",
                  "product_id": "T039150"
                }
              },
              {
                "category": "product_version",
                "name": "12.0.1",
                "product": {
                  "name": "RealObjects PDFreactor 12.0.1",
                  "product_id": "T039150-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:realobjects:pdfreactor:12.0.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PDFreactor"
          }
        ],
        "category": "vendor",
        "name": "RealObjects"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Camel for Spring Boot 1",
                "product": {
                  "name": "Red Hat Integration Camel for Spring Boot 1",
                  "product_id": "T035240",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:integration:camel_for_spring_boot_1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Integration"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2025.4",
                "product": {
                  "name": "SolarWinds Security Event Manager \u003c2025.4",
                  "product_id": "T047576"
                }
              },
              {
                "category": "product_version",
                "name": "2025.4",
                "product": {
                  "name": "SolarWinds Security Event Manager 2025.4",
                  "product_id": "T047576-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:solarwinds:security_event_manager:2025.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Event Manager"
          }
        ],
        "category": "vendor",
        "name": "SolarWinds"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c5.3.41",
                "product": {
                  "name": "VMware Tanzu Spring Framework \u003c5.3.41",
                  "product_id": "T038499"
                }
              },
              {
                "category": "product_version",
                "name": "5.3.41",
                "product": {
                  "name": "VMware Tanzu Spring Framework 5.3.41",
                  "product_id": "T038499-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_framework:5.3.41"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.0.25",
                "product": {
                  "name": "VMware Tanzu Spring Framework \u003c6.0.25",
                  "product_id": "T038500"
                }
              },
              {
                "category": "product_version",
                "name": "6.0.25",
                "product": {
                  "name": "VMware Tanzu Spring Framework 6.0.25",
                  "product_id": "T038500-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_framework:6.0.25"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c6.1.14",
                "product": {
                  "name": "VMware Tanzu Spring Framework \u003c6.1.14",
                  "product_id": "T038501"
                }
              },
              {
                "category": "product_version",
                "name": "6.1.14",
                "product": {
                  "name": "VMware Tanzu Spring Framework 6.1.14",
                  "product_id": "T038501-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:vmware_tanzu:spring_framework:6.1.14"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Spring Framework"
          }
        ],
        "category": "vendor",
        "name": "VMware Tanzu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-38819",
      "product_status": {
        "known_affected": [
          "T038500",
          "T038501",
          "T038840",
          "T044954",
          "T042514",
          "T053858",
          "T039150",
          "T005180",
          "T046595",
          "T048677",
          "T043089",
          "T048676",
          "T048675",
          "T040539",
          "T035705",
          "T040538",
          "T040537",
          "T040536",
          "T039944",
          "T035240",
          "T039943",
          "T016960",
          "T052048",
          "T038499",
          "T023548",
          "444803",
          "T019704",
          "T040541",
          "T040540",
          "T047576"
        ]
      },
      "release_date": "2024-10-17T22:00:00.000+00:00",
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "product_status": {
        "known_affected": [
          "T038500",
          "T038501",
          "T038840",
          "T044954",
          "T042514",
          "T053858",
          "T039150",
          "T005180",
          "T046595",
          "T048677",
          "T043089",
          "T048676",
          "T048675",
          "T040539",
          "T035705",
          "T040538",
          "T040537",
          "T040536",
          "T039944",
          "T035240",
          "T039943",
          "T016960",
          "T052048",
          "T038499",
          "T023548",
          "444803",
          "T019704",
          "T040541",
          "T040540",
          "T047576"
        ]
      },
      "release_date": "2024-10-17T22:00:00.000+00:00",
      "title": "CVE-2024-38820"
    }
  ]
}

WID-SEC-W-2025-0307

Vulnerability from csaf_certbund - Published: 2025-02-10 23:00 - Updated: 2025-02-10 23:00

Summary

SAP Patchday Februar 2025: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.

Angriff: Ein Angreifer kann mehrere Schwachstellen in der SAP-Software ausnutzen, um erhöhte Berechtigungen zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2023-24527

Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungsprüfungen oder eine unsachgemäße Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Maß an Berechtigungen, um erfolgreich ausgenutzt zu werden.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-22126

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-38819

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-38820

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-38828

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-45216

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-45217

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-0054

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-0064

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-23187

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-23189

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-23190

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-23191

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-23193

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-24867

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-24868

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-24869

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-24870

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-24872

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-24874

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-24875

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-24876

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-25241

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-25243

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.sap.com/en/my-support/knowledge-b…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in der SAP-Software ausnutzen, um erh\u00f6hte Berechtigungen zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0307 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0307.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0307 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0307"
      },
      {
        "category": "external",
        "summary": "SAP Security Patch Day vom 2025-02-10",
        "url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/february-2025.html"
      }
    ],
    "source_lang": "en-US",
    "title": "SAP Patchday Februar 2025: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-02-10T23:00:00.000+00:00",
      "generator": {
        "date": "2025-02-11T10:06:06.082+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0307",
      "initial_release_date": "2025-02-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-02-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SAP Software",
            "product": {
              "name": "SAP Software",
              "product_id": "T040977",
              "product_identification_helper": {
                "cpe": "cpe:/a:sap:sap:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SAP"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-24527",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2023-24527"
    },
    {
      "cve": "CVE-2024-22126",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-22126"
    },
    {
      "cve": "CVE-2024-38819",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38828",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-38828"
    },
    {
      "cve": "CVE-2024-45216",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-45216"
    },
    {
      "cve": "CVE-2024-45217",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-45217"
    },
    {
      "cve": "CVE-2025-0054",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0054"
    },
    {
      "cve": "CVE-2025-0064",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-0064"
    },
    {
      "cve": "CVE-2025-23187",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-23187"
    },
    {
      "cve": "CVE-2025-23189",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-23189"
    },
    {
      "cve": "CVE-2025-23190",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-23190"
    },
    {
      "cve": "CVE-2025-23191",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-23191"
    },
    {
      "cve": "CVE-2025-23193",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-23193"
    },
    {
      "cve": "CVE-2025-24867",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-24867"
    },
    {
      "cve": "CVE-2025-24868",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-24868"
    },
    {
      "cve": "CVE-2025-24869",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-24869"
    },
    {
      "cve": "CVE-2025-24870",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-24870"
    },
    {
      "cve": "CVE-2025-24872",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-24872"
    },
    {
      "cve": "CVE-2025-24874",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-24874"
    },
    {
      "cve": "CVE-2025-24875",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-24875"
    },
    {
      "cve": "CVE-2025-24876",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-24876"
    },
    {
      "cve": "CVE-2025-25241",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-25241"
    },
    {
      "cve": "CVE-2025-25243",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in SAP-Software. Diese Schwachstellen bestehen in verschiedenen Komponenten wie NetWeaver, BusinessObjects Business Intelligence oder Enterprise Project Connection, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie Path-Traversal-Probleme, fehlende Berechtigungspr\u00fcfungen oder eine unsachgem\u00e4\u00dfe Eingabevalidierung und mehr. Ein Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Cross-Site-Scripting- und Spoofing-Angriffe durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben und einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder ein bestimmtes Ma\u00df an Berechtigungen, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040977"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2025-25243"
    }
  ]
}

WID-SEC-W-2025-0521

Vulnerability from csaf_certbund - Published: 2025-03-10 23:00 - Updated: 2025-03-10 23:00

Summary

SAP Patchday März 2025: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.

Angriff: Ein Angreifer kann diese Schwachstellen ausnutzen, um erhöhte Privilegien zu erlangen, beliebigen Code auszuführen, Cross-Site-Scripting-Angriffe durchzuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.

Betroffene Betriebssysteme: - Linux - Sonstiges - Windows

CVE-2024-38286

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-38819

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-38820

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-39592

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-41736

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2024-52316

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-0062

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-0071

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-23185

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-23188

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-23194

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-24876

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-25242

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-25244

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-25245

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-26655

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-26656

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-26658

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-26659

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-26660

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-26661

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-27430

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-27431

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-27432

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-27433

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-27434

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

CVE-2025-27436

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
SAP Software SAP	`cpe:/a:sap:sap:-`	—

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.sap.com/en/my-support/knowledge-b…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "SAP stellt unternehmensweite L\u00f6sungen f\u00fcr Gesch\u00e4ftsprozesse wie Buchf\u00fchrung, Vertrieb, Einkauf und Lagerhaltung zur Verf\u00fcgung.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann diese Schwachstellen ausnutzen, um erh\u00f6hte Privilegien zu erlangen, beliebigen Code auszuf\u00fchren, Cross-Site-Scripting-Angriffe durchzuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0521 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0521.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0521 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0521"
      },
      {
        "category": "external",
        "summary": "SAP Security Patch Day - March 2025 vom 2025-03-10",
        "url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/march-2025.html"
      }
    ],
    "source_lang": "en-US",
    "title": "SAP Patchday M\u00e4rz 2025: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-03-10T23:00:00.000+00:00",
      "generator": {
        "date": "2025-03-11T11:40:17.201+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-0521",
      "initial_release_date": "2025-03-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-03-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SAP Software",
            "product": {
              "name": "SAP Software",
              "product_id": "T041721",
              "product_identification_helper": {
                "cpe": "cpe:/a:sap:sap:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SAP"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-38286",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2024-38286"
    },
    {
      "cve": "CVE-2024-38819",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-39592",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2024-39592"
    },
    {
      "cve": "CVE-2024-41736",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2024-41736"
    },
    {
      "cve": "CVE-2024-52316",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2024-52316"
    },
    {
      "cve": "CVE-2025-0062",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-0062"
    },
    {
      "cve": "CVE-2025-0071",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-0071"
    },
    {
      "cve": "CVE-2025-23185",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-23185"
    },
    {
      "cve": "CVE-2025-23188",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-23188"
    },
    {
      "cve": "CVE-2025-23194",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-23194"
    },
    {
      "cve": "CVE-2025-24876",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-24876"
    },
    {
      "cve": "CVE-2025-25242",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-25242"
    },
    {
      "cve": "CVE-2025-25244",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-25244"
    },
    {
      "cve": "CVE-2025-25245",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-25245"
    },
    {
      "cve": "CVE-2025-26655",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-26655"
    },
    {
      "cve": "CVE-2025-26656",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-26656"
    },
    {
      "cve": "CVE-2025-26658",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-26658"
    },
    {
      "cve": "CVE-2025-26659",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-26659"
    },
    {
      "cve": "CVE-2025-26660",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-26660"
    },
    {
      "cve": "CVE-2025-26661",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-26661"
    },
    {
      "cve": "CVE-2025-27430",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-27430"
    },
    {
      "cve": "CVE-2025-27431",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-27431"
    },
    {
      "cve": "CVE-2025-27432",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-27432"
    },
    {
      "cve": "CVE-2025-27433",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-27433"
    },
    {
      "cve": "CVE-2025-27434",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-27434"
    },
    {
      "cve": "CVE-2025-27436",
      "product_status": {
        "known_affected": [
          "T041721"
        ]
      },
      "release_date": "2025-03-10T23:00:00.000+00:00",
      "title": "CVE-2025-27436"
    }
  ]
}

WID-SEC-W-2025-0819

Vulnerability from csaf_certbund - Published: 2025-04-15 22:00 - Updated: 2025-04-15 22:00

Summary

Oracle Financial Services Applications: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - UNIX - Windows

CVE-2021-28170

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2023-39410

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2023-49582

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-28168

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-28219

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-35195

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-37891

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-38819

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-38820

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-38827

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-47072

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-47554

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-5206

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-56128

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-56337

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2024-57699

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2025-21573

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2025-23184

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

CVE-2025-24970

Affected products

Known affected 18 products

Product	Identifier	Version
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0`	2.9.0.0.0-7.0.0.0.0
Oracle Financial Services Applications 6.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:6.1.0.0.0`	6.1.0.0.0
Oracle Financial Services Applications 8.1.2.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.7.0`	8.1.2.7.0
Oracle Financial Services Applications 8.1.1.4 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.1.4`	8.1.1.4
Oracle Financial Services Applications 8.0.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8`	8.0.8
Oracle Financial Services Applications 8.0.8.1 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.1`	8.0.8.1
Oracle Financial Services Applications 8.1.2.5 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.5`	8.1.2.5
Oracle Financial Services Applications 5.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:5.1.0.0.0`	5.1.0.0.0
Oracle Financial Services Applications 8.1.2.9 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.9`	8.1.2.9
Oracle Financial Services Applications 8.1.2.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.1.2.8`	8.1.2.8
Oracle Financial Services Applications 14.7.0.7.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.7.0`	14.7.0.7.0
Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:14.7.0.0.0`	14.5.0.0.0-14.7.0.0.0
Oracle Financial Services Applications 22.2.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.2.0.0.0`	22.2.0.0.0
Oracle Financial Services Applications 8.0.8.6 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.8.6`	8.0.8.6
Oracle Financial Services Applications 8.0.7.8 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:8.0.7.8`	8.0.7.8
Oracle Financial Services Applications 21.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:21.1.0.0.0`	21.1.0.0.0
Oracle Financial Services Applications 7.0.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:7.0.0.0.0`	7.0.0.0.0
Oracle Financial Services Applications 22.1.0.0.0 Oracle / Financial Services Applications	`cpe:/a:oracle:financial_services_applications:22.1.0.0.0`	22.1.0.0.0

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpuapr2025…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Financial Services ist eine Zusammenstellung  von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0819 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0819.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0819 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0819"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - April 2025 - Appendix Oracle Financial Services Applications vom 2025-04-15",
        "url": "https://www.oracle.com/security-alerts/cpuapr2025.html#AppendixIFLX"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-04-15T22:00:00.000+00:00",
      "generator": {
        "date": "2025-04-16T09:16:23.001+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2025-0819",
      "initial_release_date": "2025-04-15T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-04-15T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.0.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8",
                  "product_id": "T021677",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.1",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.1",
                  "product_id": "T022844",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "21.1.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 21.1.0.0.0",
                  "product_id": "T028695",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:21.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "22.1.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 22.1.0.0.0",
                  "product_id": "T028696",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:22.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "22.2.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 22.2.0.0.0",
                  "product_id": "T028697",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:22.2.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.5.0.0.0-14.7.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.5.0.0.0-14.7.0.0.0",
                  "product_id": "T028702",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.5",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.5",
                  "product_id": "T028706",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.1.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 6.1.0.0.0",
                  "product_id": "T036223",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:6.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.8",
                  "product_id": "T038392",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.0.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 7.0.0.0.0",
                  "product_id": "T040463",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:7.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.7.8",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.7.8",
                  "product_id": "T040464",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.8.6",
                "product": {
                  "name": "Oracle Financial Services Applications 8.0.8.6",
                  "product_id": "T040465",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.9.0.0.0-7.0.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0",
                  "product_id": "T040516",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.7.0",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.7.0",
                  "product_id": "T042808",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.1.4",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.1.4",
                  "product_id": "T042809",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.1.4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.1.0.0.0",
                "product": {
                  "name": "Oracle Financial Services Applications 5.1.0.0.0",
                  "product_id": "T042810",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:5.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.2.9",
                "product": {
                  "name": "Oracle Financial Services Applications 8.1.2.9",
                  "product_id": "T042811",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.7.0.7.0",
                "product": {
                  "name": "Oracle Financial Services Applications 14.7.0.7.0",
                  "product_id": "T042812",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:financial_services_applications:14.7.0.7.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Financial Services Applications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-28170",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2021-28170"
    },
    {
      "cve": "CVE-2023-39410",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2023-39410"
    },
    {
      "cve": "CVE-2023-49582",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2023-49582"
    },
    {
      "cve": "CVE-2024-28168",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-28168"
    },
    {
      "cve": "CVE-2024-28219",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-28219"
    },
    {
      "cve": "CVE-2024-35195",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-37891",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38819",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38827",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-38827"
    },
    {
      "cve": "CVE-2024-47072",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-47072"
    },
    {
      "cve": "CVE-2024-47554",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2024-5206",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-5206"
    },
    {
      "cve": "CVE-2024-56128",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-56128"
    },
    {
      "cve": "CVE-2024-56337",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-56337"
    },
    {
      "cve": "CVE-2024-57699",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-57699"
    },
    {
      "cve": "CVE-2025-21573",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2025-21573"
    },
    {
      "cve": "CVE-2025-23184",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2025-23184"
    },
    {
      "cve": "CVE-2025-24970",
      "product_status": {
        "known_affected": [
          "T040516",
          "T036223",
          "T042808",
          "T042809",
          "T021677",
          "T022844",
          "T028706",
          "T042810",
          "T042811",
          "T038392",
          "T042812",
          "T028702",
          "T028697",
          "T040465",
          "T040464",
          "T028695",
          "T040463",
          "T028696"
        ]
      },
      "release_date": "2025-04-15T22:00:00.000+00:00",
      "title": "CVE-2025-24970"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Product	Identifier	Version
banking_corporate_lending_process_management oracle	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.4.0.0.0:::::::*`	—
banking_corporate_lending_process_management oracle	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.5.0.0.0:::::::*`	—
banking_corporate_lending_process_management oracle	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.6.0.0.0:::::::*`	—
banking_corporate_lending_process_management oracle	`cpe:2.3:a:oracle:banking_corporate_lending_process_management:14.7.0.0.0:::::::*`	—
banking_liquidity_management oracle	`cpe:2.3:a:oracle:banking_liquidity_management:14.5.0.0.0:::::::*`	—
banking_liquidity_management oracle	`cpe:2.3:a:oracle:banking_liquidity_management:14.6.0.0.0:::::::*`	—
banking_liquidity_management oracle	`cpe:2.3:a:oracle:banking_liquidity_management:14.7.0.0.0:::::::*`	—
banking_origination oracle	`cpe:2.3:a:oracle:banking_origination:14.5.0.0.0:::::::*`	—
banking_origination oracle	`cpe:2.3:a:oracle:banking_origination:14.6.0.0.0:::::::*`	—
banking_origination oracle	`cpe:2.3:a:oracle:banking_origination:14.7.0.0.0:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.1:::::::*`	—
financial_services_analytical_applications_infrastructure oracle	`cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.2:::::::*`	—
financial_services_basel_regulatory_capital_basic oracle	`cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.7.3:::::::*`	—
financial_services_basel_regulatory_capital_basic oracle	`cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.0.8.3:::::::*`	—
financial_services_basel_regulatory_capital_internal_ratings_based_approach oracle	`cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.7.3:::::::*`	—
financial_services_basel_regulatory_capital_internal_ratings_based_approach oracle	`cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.0.8.3:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.1.1:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.6:::::::*`	—
financial_services_behavior_detection_platform oracle	`cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.6:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.7:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.0.8.2.8:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.1.1.18:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.6.4:::::::*`	—
financial_services_enterprise_case_management oracle	`cpe:2.3:a:oracle:financial_services_enterprise_case_management:8.1.2.7.3:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.5:::::::*`	—
financial_services_model_management_and_governance oracle	`cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.2.6:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.0.0.0.0:::::::*`	—
financial_services_revenue_management_and_billing oracle	`cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:6.1.0.0.0:::::::*`	—
financial_services_trade-based_anti_money_laundering_enterprise_edition oracle	`cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering_enterprise_edition:8.0.8.0:::::::*`	—
financial_services_compliance_studio oracle	`cpe:2.3:a:oracle:financial_services_compliance_studio:8.1.2.5:::::::*`	—

Action not permitted

CVE-2024-38820 (GCVE-0-2024-38820)

Tags

Sightings

Nomenclature