{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-55752",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-28T03:56:06.048280Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T16:57:03.821Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-10T21:38:09.790Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/10/27/4"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.10",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.44",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.108",
              "status": "affected",
              "version": "9.0.0.M11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.100",
              "status": "affected",
              "version": "8.5.6",
              "versionType": "semver"
            },
            {
              "lessThan": "8.5.0",
              "status": "unknown",
              "version": "3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.27",
              "status": "unknown",
              "version": "10.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Chumy Tsai (github.com/Jimmy01240397) @ CyCraft Technology Intern"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eRelative Path Traversal vulnerability in Apache Tomcat.\u003c/p\u003e\u003cdiv\u003e\u003cp\u003eThe fix for bug 60013 introduced a regression where the       rewritten URL was normalized before it was decoded. This introduced the       possibility that, for rewrite rules that rewrite query parameters to the       URL, an attacker could manipulate the request URI to bypass security       constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\u003c/p\u003e\u003c/div\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\u003c/p\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\u003cbr\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.\u003c/p\u003e"
            }
          ],
          "value": "Relative Path Traversal vulnerability in Apache Tomcat.\n\nThe fix for bug 60013 introduced a regression where the       rewritten URL was normalized before it was decoded. This introduced the       possibility that, for rewrite rules that rewrite query parameters to the       URL, an attacker could manipulate the request URI to bypass security       constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-23",
              "description": "CWE-23 Relative Path Traversal",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T11:38:56.846Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-55752",
    "datePublished": "2025-10-27T17:29:56.060Z",
    "dateReserved": "2025-08-15T08:14:18.969Z",
    "dateUpdated": "2026-02-26T16:57:03.821Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-53042",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-22T16:07:19.582262Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-22T16:07:47.654Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MySQL Server",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "lessThanOrEqual": "8.0.43",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "8.4.6",
              "status": "affected",
              "version": "8.4.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.4.0",
              "status": "affected",
              "version": "9.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "8.0.43",
                  "versionStartIncluding": "8.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "8.4.6",
                  "versionStartIncluding": "8.4.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "9.4.0",
                  "versionStartIncluding": "9.0.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and  9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-21T20:02:55.299Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2025.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2025-53042",
    "datePublished": "2025-10-21T20:02:55.299Z",
    "dateReserved": "2025-06-24T16:45:19.420Z",
    "dateUpdated": "2025-10-22T16:07:47.654Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14874",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-18T14:32:42.747682Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-18T14:32:56.024Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-rcmh-qjqh-p98v"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418133"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/nodemailer/nodemailer",
          "defaultStatus": "unaffected",
          "packageName": "nodemailer",
          "product": "nodemailer",
          "vendor": "nodemailer",
          "versions": [
            {
              "lessThan": "7.0.11",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-grafana-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/grafana-rhel9",
          "product": "Red Hat Ceph Storage 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhdh:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhdh/rhdh-hub-rhel9",
          "product": "Red Hat Developer Hub",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank uko3211 for reporting this issue."
        }
      ],
      "datePublic": "2025-12-01T20:44:25.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-703",
              "description": "Improper Check or Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-08T02:59:52.145Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-14874"
        },
        {
          "name": "RHBZ#2418133",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418133"
        },
        {
          "url": "https://github.com/nodemailer/nodemailer"
        },
        {
          "url": "https://github.com/nodemailer/nodemailer/commit/b61b9c0cfd682b6f647754ca338373b68336a150"
        },
        {
          "url": "https://github.com/nodemailer/nodemailer/security/advisories/GHSA-rcmh-qjqh-p98v"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-01T22:06:37.176Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-12-01T20:44:25.000Z",
          "value": "Made public."
        }
      ],
      "title": "Nodemailer: nodemailer: denial of service via crafted email address header",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-703: Improper Check or Handling of Exceptional Conditions"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-14874",
    "datePublished": "2025-12-18T08:40:31.916Z",
    "dateReserved": "2025-12-18T06:54:04.556Z",
    "dateUpdated": "2026-01-08T02:59:52.145Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-50106",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-16T03:56:15.326170Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:35.373Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:05:33.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00014.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00011.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Oracle Java SE",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "8u451"
            },
            {
              "status": "affected",
              "version": "8u451-perf"
            },
            {
              "status": "affected",
              "version": "11.0.27"
            },
            {
              "status": "affected",
              "version": "17.0.15"
            },
            {
              "status": "affected",
              "version": "21.0.7"
            },
            {
              "status": "affected",
              "version": "24.0.1"
            }
          ]
        },
        {
          "product": "Oracle GraalVM for JDK",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "17.0.15"
            },
            {
              "status": "affected",
              "version": "21.0.7"
            },
            {
              "status": "affected",
              "version": "24.0.1"
            }
          ]
        },
        {
          "product": "Oracle GraalVM Enterprise Edition",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "21.3.14"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:oracle:java_se:8u451:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:java_se:8u451:*:*:*:enterprise_performance:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:java_se:11.0.27:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:java_se:17.0.15:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:java_se:21.0.7:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:java_se:24.0.1:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.15:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.7:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:24.0.1:*:*:*:*:*:*:*",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:oracle:graalvm:21.3.14:*:*:*:enterprise:*:*:*",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D).  Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and  24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T19:27:51.820Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2025.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2025-50106",
    "datePublished": "2025-07-15T19:27:51.820Z",
    "dateReserved": "2025-06-11T22:56:56.114Z",
    "dateUpdated": "2026-02-26T17:50:35.373Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-02-25T21:10:03.795Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/01/27/10"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/02/25/6"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-15467",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-29T14:50:31.874299Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T15:56:03.994Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "3.6.1",
              "status": "affected",
              "version": "3.6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.5.5",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.4.4",
              "status": "affected",
              "version": "3.4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.3.6",
              "status": "affected",
              "version": "3.3.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.0.19",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Stanislav Fort (Aisle Research)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Igor Ustinov"
        }
      ],
      "datePublic": "2026-01-27T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\u003cbr\u003emaliciously crafted AEAD parameters can trigger a stack buffer overflow.\u003cbr\u003e\u003cbr\u003eImpact summary: A stack buffer overflow may lead to a crash, causing Denial\u003cbr\u003eof Service, or potentially remote code execution.\u003cbr\u003e\u003cbr\u003eWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\u003cbr\u003eAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\u003cbr\u003ecopied into a fixed-size stack buffer without verifying that its length fits\u003cbr\u003ethe destination. An attacker can supply a crafted CMS message with an\u003cbr\u003eoversized IV, causing a stack-based out-of-bounds write before any\u003cbr\u003eauthentication or tag verification occurs.\u003cbr\u003e\u003cbr\u003eApplications and services that parse untrusted CMS or PKCS#7 content using\u003cbr\u003eAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\u003cbr\u003eBecause the overflow occurs prior to authentication, no valid key material\u003cbr\u003eis required to trigger it. While exploitability to remote code execution\u003cbr\u003edepends on platform and toolchain mitigations, the stack-based write\u003cbr\u003eprimitive represents a severe risk.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\u003cbr\u003eissue, as the CMS implementation is outside the OpenSSL FIPS module\u003cbr\u003eboundary.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.1.1 and 1.0.2 are not affected by this issue."
            }
          ],
          "value": "Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with\nmaliciously crafted AEAD parameters can trigger a stack buffer overflow.\n\nImpact summary: A stack buffer overflow may lead to a crash, causing Denial\nof Service, or potentially remote code execution.\n\nWhen parsing CMS (Auth)EnvelopedData structures that use AEAD ciphers such as\nAES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is\ncopied into a fixed-size stack buffer without verifying that its length fits\nthe destination. An attacker can supply a crafted CMS message with an\noversized IV, causing a stack-based out-of-bounds write before any\nauthentication or tag verification occurs.\n\nApplications and services that parse untrusted CMS or PKCS#7 content using\nAEAD ciphers (e.g., S/MIME (Auth)EnvelopedData with AES-GCM) are vulnerable.\nBecause the overflow occurs prior to authentication, no valid key material\nis required to trigger it. While exploitability to remote code execution\ndepends on platform and toolchain mitigations, the stack-based write\nprimitive represents a severe risk.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue.\n\nOpenSSL 1.1.1 and 1.0.2 are not affected by this issue."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "High"
            },
            "type": "https://openssl-library.org/policies/general/security-policy/"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-25T17:44:51.846Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://openssl-library.org/news/secadv/20260127.txt"
        },
        {
          "name": "3.6.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/2c8f0e5fa9b6ee5508a0349e4572ddb74db5a703"
        },
        {
          "name": "3.5.5 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/d0071a0799f20cc8101730145349ed4487c268dc"
        },
        {
          "name": "3.4.4 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/6ced0fe6b10faa560e410e3ee8d6c82f06c65ea3"
        },
        {
          "name": "3.3.6 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/5f26d4202f5b89664c5c3f3c62086276026ba9a9"
        },
        {
          "name": "3.0.19 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/ce39170276daec87f55c39dad1f629b56344429e"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stack buffer overflow in CMS (Auth)EnvelopedData parsing",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2025-15467",
    "datePublished": "2026-01-27T16:01:19.922Z",
    "dateReserved": "2026-01-06T09:26:41.631Z",
    "dateUpdated": "2026-02-26T15:56:03.994Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-58189",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-03T19:50:48.668117Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:51:22.704Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:13:39.428Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/10/08/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "crypto/tls",
          "product": "crypto/tls",
          "programRoutines": [
            {
              "name": "negotiateALPN"
            },
            {
              "name": "Conn.Handshake"
            },
            {
              "name": "Conn.HandshakeContext"
            },
            {
              "name": "Conn.Read"
            },
            {
              "name": "Conn.Write"
            },
            {
              "name": "Dial"
            },
            {
              "name": "DialWithDialer"
            },
            {
              "name": "Dialer.Dial"
            },
            {
              "name": "Dialer.DialContext"
            },
            {
              "name": "QUICConn.Start"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.24.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.25.2",
              "status": "affected",
              "version": "1.25.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "National Cyber Security Centre Finland"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information (the ALPN protocols sent by the client) which is not escaped."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-117: Improper Output Neutralization for Logs",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T22:10:12.947Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/707776"
        },
        {
          "url": "https://go.dev/issue/75652"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-4008"
        }
      ],
      "title": "ALPN negotiation error contains attacker controlled information in crypto/tls"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-58189",
    "datePublished": "2025-10-29T22:10:12.947Z",
    "dateReserved": "2025-08-27T14:50:58.692Z",
    "dateUpdated": "2025-11-04T21:13:39.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-61724",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-30T14:22:06.282935Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-30T14:22:16.112Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:14:03.930Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/10/08/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/textproto",
          "product": "net/textproto",
          "programRoutines": [
            {
              "name": "Reader.ReadResponse"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.24.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.25.2",
              "status": "affected",
              "version": "1.25.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jakub Ciolek"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-407: Inefficient Algorithmic Complexity",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T22:10:14.609Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/709859"
        },
        {
          "url": "https://go.dev/issue/75716"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-4015"
        }
      ],
      "title": "Excessive CPU consumption in Reader.ReadResponse in net/textproto"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-61724",
    "datePublished": "2025-10-29T22:10:14.609Z",
    "dateReserved": "2025-09-30T15:05:03.605Z",
    "dateUpdated": "2025-11-04T21:14:03.930Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-60753",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-05T15:39:22.288768Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-835",
                "description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          },
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-05T15:44:31.278Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-05T15:17:43.562Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/libarchive/libarchive/issues/2725"
        },
        {
          "url": "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-60753",
    "datePublished": "2025-11-05T00:00:00.000Z",
    "dateReserved": "2025-09-26T00:00:00.000Z",
    "dateUpdated": "2025-11-05T15:44:31.278Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-37727",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-10T16:34:28.484931Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-10T16:34:36.812Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Elasticsearch",
          "repo": "https://github.com/elasticsearch",
          "vendor": "Elastic",
          "versions": [
            {
              "lessThanOrEqual": "7.17.29",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.18.7",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.19.4",
              "status": "affected",
              "version": "8.19.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.7",
              "status": "affected",
              "version": "9.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.1.4",
              "status": "affected",
              "version": "9.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eInsertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex\"\u003ereindex API\u003c/a\u003e\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the  reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-10T09:56:15.234Z",
        "orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
        "shortName": "elastic"
      },
      "references": [
        {
          "url": "https://discuss.elastic.co/t/elasticsearch-8-18-8-8-19-5-9-0-8-9-1-5-security-update-esa-2025-18/382453"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Elasticsearch Insertion of sensitive information in log file",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
    "assignerShortName": "elastic",
    "cveId": "CVE-2025-37727",
    "datePublished": "2025-10-10T09:56:15.234Z",
    "dateReserved": "2025-04-16T03:24:04.510Z",
    "dateUpdated": "2025-10-10T16:34:36.812Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-53906",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-18T14:44:21.730414Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-18T14:44:25.662Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:12:42.458Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/15/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "vim",
          "vendor": "vim",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 9.1.1551"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim\u2019s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T20:52:40.137Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86"
        },
        {
          "name": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8"
        }
      ],
      "source": {
        "advisory": "GHSA-r2fw-9cw4-mj86",
        "discovery": "UNKNOWN"
      },
      "title": "Vim has path traversal issue with zip.vim and special crafted zip archives"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-53906",
    "datePublished": "2025-07-15T20:52:40.137Z",
    "dateReserved": "2025-07-11T19:05:23.827Z",
    "dateUpdated": "2025-11-04T21:12:42.458Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-15284",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-30T14:55:26.031863Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-30T15:57:41.402Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://npmjs.com/qs",
          "defaultStatus": "affected",
          "modules": [
            "parse"
          ],
          "packageName": "qs",
          "repo": "https://github.com/ljharb/qs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 6.14.1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.\u003cp\u003eThis issue affects qs: \u0026lt; 6.14.1.\u003c/p\u003e\u003ch3\u003e\u003cbr\u003eSummary\u003c/h3\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe \u003ccode\u003earrayLimit\u003c/code\u003e\u0026nbsp;option in qs did not enforce limits for bracket notation (\u003ccode\u003ea[]=1\u0026amp;a[]=2\u003c/code\u003e), only for indexed notation (\u003ccode\u003ea[0]=1\u003c/code\u003e). This is a consistency bug; \u003ccode\u003earrayLimit\u003c/code\u003e\u0026nbsp;should apply uniformly across all array notations.\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eNote:\u003c/strong\u003e\u0026nbsp;The default \u003ccode\u003eparameterLimit\u003c/code\u003e\u0026nbsp;of 1000 effectively mitigates the DoS scenario originally described. With default options, bracket notation cannot produce arrays larger than \u003ccode\u003eparameterLimit\u003c/code\u003e\u0026nbsp;regardless of \u003ccode\u003earrayLimit\u003c/code\u003e, because each \u003ccode\u003ea[]=value\u003c/code\u003econsumes one parameter slot. The severity has been reduced accordingly.\u003c/p\u003e\u003ch3\u003eDetails\u003c/h3\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe \u003ccode\u003earrayLimit\u003c/code\u003e\u0026nbsp;option only checked limits for indexed notation (\u003ccode\u003ea[0]=1\u0026amp;a[1]=2\u003c/code\u003e) but did not enforce it for bracket notation (\u003ccode\u003ea[]=1\u0026amp;a[]=2\u003c/code\u003e).\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eVulnerable code\u003c/strong\u003e\u0026nbsp;(\u003ccode\u003elib/parse.js:159-162\u003c/code\u003e):\u003c/p\u003e\u003cdiv\u003e\u003cpre\u003eif (root === \u0027[]\u0027 \u0026amp;\u0026amp; options.parseArrays) {\n    obj = utils.combine([], leaf);  // No arrayLimit check\n}\u003c/pre\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003cstrong\u003eWorking code\u003c/strong\u003e\u0026nbsp;(\u003ccode\u003elib/parse.js:175\u003c/code\u003e):\u003c/p\u003e\u003cdiv\u003e\u003cpre\u003eelse if (index \u0026lt;= options.arrayLimit) {  // Limit checked here\n    obj = [];\n    obj[index] = leaf;\n}\u003c/pre\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003eThe bracket notation handler at line 159 uses \u003ccode\u003eutils.combine([], leaf)\u003c/code\u003e\u0026nbsp;without validating against \u003ccode\u003eoptions.arrayLimit\u003c/code\u003e, while indexed notation at line 175 checks \u003ccode\u003eindex \u0026lt;= options.arrayLimit\u003c/code\u003e\u0026nbsp;before creating arrays.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003ch3\u003ePoC\u003c/h3\u003e\u003cp\u003e\u003cstrong\u003e\u003c/strong\u003e\u003c/p\u003e\u003cdiv\u003e\u003cpre\u003econst qs = require(\u0027qs\u0027);\nconst result = qs.parse(\u0027a[]=1\u0026amp;a[]=2\u0026amp;a[]=3\u0026amp;a[]=4\u0026amp;a[]=5\u0026amp;a[]=6\u0027, { arrayLimit: 5 });\nconsole.log(result.a.length);  // Output: 6 (should be max 5)\u003c/pre\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003cstrong\u003eNote on parameterLimit interaction:\u003c/strong\u003e\u0026nbsp;The original advisory\u0027s \"DoS demonstration\" claimed a length of 10,000, but \u003ccode\u003eparameterLimit\u003c/code\u003e\u0026nbsp;(default: 1000) caps parsing to 1,000 parameters. With default options, the actual output is 1,000, not 10,000.\u003c/p\u003e\u003ch3\u003eImpact\u003c/h3\u003e\u003cp\u003e\u003c/p\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eConsistency bug in \u003c/span\u003e\u003ccode\u003earrayLimit\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;enforcement. With default \u003c/span\u003e\u003ccode\u003eparameterLimit\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, the practical DoS risk is negligible since \u003c/span\u003e\u003ccode\u003eparameterLimit\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;already caps the total number of parsed parameters (and thus array elements from bracket notation). The risk increases only when \u003c/span\u003e\u003ccode\u003eparameterLimit\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;is explicitly set to a very high value.\u003c/span\u003e"
            }
          ],
          "value": "Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: \u003c 6.14.1.\n\n\nSummary\n\nThe arrayLimit\u00a0option in qs did not enforce limits for bracket notation (a[]=1\u0026a[]=2), only for indexed notation (a[0]=1). This is a consistency bug; arrayLimit\u00a0should apply uniformly across all array notations.\n\nNote:\u00a0The default parameterLimit\u00a0of 1000 effectively mitigates the DoS scenario originally described. With default options, bracket notation cannot produce arrays larger than parameterLimit\u00a0regardless of arrayLimit, because each a[]=valueconsumes one parameter slot. The severity has been reduced accordingly.\n\nDetails\n\nThe arrayLimit\u00a0option only checked limits for indexed notation (a[0]=1\u0026a[1]=2) but did not enforce it for bracket notation (a[]=1\u0026a[]=2).\n\nVulnerable code\u00a0(lib/parse.js:159-162):\n\nif (root === \u0027[]\u0027 \u0026\u0026 options.parseArrays) {\n    obj = utils.combine([], leaf);  // No arrayLimit check\n}\n\n\n\n\n\nWorking code\u00a0(lib/parse.js:175):\n\nelse if (index \u003c= options.arrayLimit) {  // Limit checked here\n    obj = [];\n    obj[index] = leaf;\n}\n\n\n\n\n\nThe bracket notation handler at line 159 uses utils.combine([], leaf)\u00a0without validating against options.arrayLimit, while indexed notation at line 175 checks index \u003c= options.arrayLimit\u00a0before creating arrays.\n\n\n\nPoC\n\nconst qs = require(\u0027qs\u0027);\nconst result = qs.parse(\u0027a[]=1\u0026a[]=2\u0026a[]=3\u0026a[]=4\u0026a[]=5\u0026a[]=6\u0027, { arrayLimit: 5 });\nconsole.log(result.a.length);  // Output: 6 (should be max 5)\n\n\n\n\n\nNote on parameterLimit interaction:\u00a0The original advisory\u0027s \"DoS demonstration\" claimed a length of 10,000, but parameterLimit\u00a0(default: 1000) caps parsing to 1,000 parameters. With default options, the actual output is 1,000, not 10,000.\n\nImpact\n\nConsistency bug in arrayLimit\u00a0enforcement. With default parameterLimit, the practical DoS risk is negligible since parameterLimit\u00a0already caps the total number of parsed parameters (and thus array elements from bracket notation). The risk increases only when parameterLimit\u00a0is explicitly set to a very high value."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-469",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-469 HTTP DoS"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-10T20:06:42.111Z",
        "orgId": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
        "shortName": "harborist"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "arrayLimit bypass in bracket notation allows DoS via memory exhaustion",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7ffcee3d-2c14-4c3e-b844-86c6a321a158",
    "assignerShortName": "harborist",
    "cveId": "CVE-2025-15284",
    "datePublished": "2025-12-29T22:56:45.240Z",
    "dateReserved": "2025-12-29T21:36:51.399Z",
    "dateUpdated": "2026-02-10T20:06:42.111Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-47808",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-07T19:49:18.744092Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-07T19:50:58.524Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In GStreamer through 1.26.1, the subparse plugin\u0027s tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-07T19:19:37.084Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://gstreamer.freedesktop.org/security/"
        },
        {
          "url": "https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-47808",
    "datePublished": "2025-08-07T00:00:00.000Z",
    "dateReserved": "2025-05-10T00:00:00.000Z",
    "dateUpdated": "2025-08-07T19:50:58.524Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-12439",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-10T21:00:53.663647Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-10T21:02:26.622Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "142.0.7444.59",
              "status": "affected",
              "version": "142.0.7444.59",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: Medium)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Inappropriate implementation",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T20:00:19.158Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html"
        },
        {
          "url": "https://issues.chromium.org/issues/382234536"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2025-12439",
    "datePublished": "2025-11-10T20:00:19.158Z",
    "dateReserved": "2025-10-28T20:16:49.451Z",
    "dateUpdated": "2025-11-10T21:02:26.622Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-07-21T17:13:17.168Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/03/10/5"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24813-detect-apache-tomcat-rce"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24813-mitigate-apache-tomcat-rce"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250321-0001/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00003.html"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-detect-vulnerability"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-mitigation-vulnerability"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 10,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-24813",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-01T19:37:06.207441Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-04-01",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24813"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T22:55:25.563Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md"
          },
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24813"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-04-01T00:00:00.000Z",
            "value": "CVE-2025-24813 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.2",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.34",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.98",
              "status": "affected",
              "version": "9.0.0.M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.100",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.5.0",
              "status": "unknown",
              "version": "3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.27",
              "status": "unknown",
              "version": "10.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "COSCO Shipping Lines DIC"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "sw0rd1ight (https://github.com/sw0rd1ight)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePath Equivalence: \u0027file.Name\u0027 (Internal Dot) leading to\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eRemote Code Execution and/or Information disclosure\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eand/or malicious content added to uploaded files via write enabled\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eDefault Servlet\u003c/span\u003e\u0026nbsp;in Apache Tomcat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.\u003cbr\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions \nmay also be affected.\u003cbr\u003e\u003c/p\u003e\u003cdiv\u003e\u003cp\u003eIf all of the following were true, a malicious user was able to view       security sensitive files and/or inject content into those files:\u003cbr\u003e-\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003ewrites enabled for the default servlet (disabled by default)\u003cbr\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e- support for partial PUT (enabled by default)\u003cbr\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e- a target URL for security sensitive uploads that was a sub-directory of\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ea target URL for public uploads\u003cbr\u003e-\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eattacker knowledge of the names of security sensitive files being\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003euploaded\u003cbr\u003e-\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ethe security sensitive files also being uploaded via partial PUT\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eIf all of the following were true, a malicious user was able to\u003c/span\u003e       perform remote code execution:\u003cbr\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e- writes enabled for the default servlet (disabled by default)\u003cbr\u003e-\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003esupport for partial PUT (enabled by default)\u003cbr\u003e-\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eapplication was using Tomcat\u0027s file based session persistence with the\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003edefault storage location\u003cbr\u003e-\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eapplication included a library that may be leveraged in a\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003edeserialization attack\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eUsers are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.\u003c/span\u003e\u003c/p\u003e\u003c/div\u003e"
            }
          ],
          "value": "Path Equivalence: \u0027file.Name\u0027 (Internal Dot) leading to\u00a0Remote Code Execution and/or Information disclosure\u00a0and/or malicious content added to uploaded files via write enabled\u00a0Default Servlet\u00a0in Apache Tomcat.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions \nmay also be affected.\n\n\nIf all of the following were true, a malicious user was able to view       security sensitive files and/or inject content into those files:\n-\u00a0writes enabled for the default servlet (disabled by default)\n- support for partial PUT (enabled by default)\n- a target URL for security sensitive uploads that was a sub-directory of\u00a0a target URL for public uploads\n-\u00a0attacker knowledge of the names of security sensitive files being\u00a0uploaded\n-\u00a0the security sensitive files also being uploaded via partial PUT\n\nIf all of the following were true, a malicious user was able to       perform remote code execution:\n- writes enabled for the default servlet (disabled by default)\n-\u00a0support for partial PUT (enabled by default)\n-\u00a0application was using Tomcat\u0027s file based session persistence with the\u00a0default storage location\n-\u00a0application included a library that may be leveraged in a\u00a0deserialization attack\n\nUsers are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-44",
              "description": "CWE-44 Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T11:49:44.413Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-24813",
    "datePublished": "2025-03-10T16:44:03.715Z",
    "dateReserved": "2025-01-24T08:51:50.296Z",
    "dateUpdated": "2025-10-29T11:49:44.413Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-12726",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-11T04:55:41.061181Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-269",
                "description": "CWE-269 Improper Privilege Management",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:46:58.560Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "142.0.7444.137",
              "status": "affected",
              "version": "142.0.7444.137",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Inappropriate implementation",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T20:00:55.285Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html"
        },
        {
          "url": "https://issues.chromium.org/issues/447172715"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2025-12726",
    "datePublished": "2025-11-10T20:00:55.285Z",
    "dateReserved": "2025-11-04T21:56:36.665Z",
    "dateUpdated": "2026-02-26T17:46:58.560Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-58181",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-19T20:49:06.918113Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-19T20:49:26.800Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/crypto/ssh",
          "product": "golang.org/x/crypto/ssh",
          "programRoutines": [
            {
              "name": "parseGSSAPIPayload"
            },
            {
              "name": "NewServerConn"
            }
          ],
          "vendor": "golang.org/x/crypto",
          "versions": [
            {
              "lessThan": "0.45.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jakub Ciolek"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-1284",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T17:14:59.856Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"
        },
        {
          "url": "https://go.dev/cl/721961"
        },
        {
          "url": "https://go.dev/issue/76363"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-4134"
        }
      ],
      "title": "Unbounded memory consumption in golang.org/x/crypto/ssh"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-58181",
    "datePublished": "2025-11-19T20:33:42.795Z",
    "dateReserved": "2025-08-27T14:50:58.691Z",
    "dateUpdated": "2025-11-20T17:14:59.856Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0716",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-29T18:33:33.752366Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-29T18:33:37.801Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.herodevs.com/vulnerability-directory/cve-2025-0716"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:35:06.971Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://registry.npmjs.org",
          "defaultStatus": "unaffected",
          "packageName": "angular",
          "product": "AngularJS",
          "repo": "https://github.com/angular/angular.js",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e=0.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "George Kalpakas"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper sanitization of the value of the \u0027\u003ctt\u003ehref\u003c/tt\u003e\u0027 and \u0027\u003ctt\u003exlink:href\u003c/tt\u003e\u0027 attributes in \u0027\u003ctt\u003e\u0026lt;image\u0026gt;\u003c/tt\u003e\u0027 SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://owasp.org/www-community/attacks/Content_Spoofing\"\u003eContent Spoofing\u003c/a\u003e\u0026nbsp;and also negatively affect the application\u0027s performance and behavior by using too large or slow-to-load images.\u003cbr\u003e\u003cbr\u003eThis issue affects all versions of AngularJS.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eNote:\u003c/b\u003e\u003cbr\u003eThe AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.angularjs.org/misc/version-support-status\"\u003ehere\u003c/a\u003e."
            }
          ],
          "value": "Improper sanitization of the value of the \u0027href\u0027 and \u0027xlink:href\u0027 attributes in \u0027\u003cimage\u003e\u0027 SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of  Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing \u00a0and also negatively affect the application\u0027s performance and behavior by using too large or slow-to-load images.\n\nThis issue affects all versions of AngularJS.\n\nNote:\nThe AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see  here https://docs.angularjs.org/misc/version-support-status ."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-554",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-554 Functionality Bypass"
            }
          ]
        },
        {
          "capecId": "CAPEC-148",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-148 Content Spoofing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-791",
              "description": "CWE-791: Incomplete Filtering of Special Elements",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-28T17:37:44.700Z",
        "orgId": "36c7be3b-2937-45df-85ea-ca7133ea542c",
        "shortName": "HeroDevs"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.herodevs.com/vulnerability-directory/cve-2025-0716"
        },
        {
          "tags": [
            "technical-description",
            "exploit"
          ],
          "url": "https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "tags": [
        "unsupported-when-assigned",
        "x_open-source"
      ],
      "title": "AngularJS improper sanitization in SVG \u0027\u003cimage\u003e\u0027 element",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36c7be3b-2937-45df-85ea-ca7133ea542c",
    "assignerShortName": "HeroDevs",
    "cveId": "CVE-2025-0716",
    "datePublished": "2025-04-29T16:26:19.591Z",
    "dateReserved": "2025-01-24T17:15:53.003Z",
    "dateUpdated": "2025-11-03T19:35:06.971Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 3.1,
              "baseSeverity": "LOW",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-11219",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-07T13:36:31.351873Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-07T13:37:19.731Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "141.0.7390.54",
              "status": "affected",
              "version": "141.0.7390.54",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Low)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use after free",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-06T22:08:57.161Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html"
        },
        {
          "url": "https://issues.chromium.org/issues/439772737"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2025-11219",
    "datePublished": "2025-11-06T22:08:57.161Z",
    "dateReserved": "2025-09-30T21:50:15.293Z",
    "dateUpdated": "2025-11-07T13:37:19.731Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-20165",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-12T15:40:54.433220Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-532",
                "description": "CWE-532 Insertion of Sensitive Information into Log File",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-12T16:19:44.284Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Splunk Enterprise",
          "vendor": "Splunk",
          "versions": [
            {
              "lessThan": "10.2.1",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0.4",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.4.9",
              "status": "affected",
              "version": "9.4",
              "versionType": "custom"
            },
            {
              "lessThan": "9.3.10",
              "status": "affected",
              "version": "9.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Splunk Cloud Platform",
          "vendor": "Splunk",
          "versions": [
            {
              "lessThan": "10.2.2510.7",
              "status": "affected",
              "version": "10.2.2510",
              "versionType": "custom"
            },
            {
              "lessThan": "10.1.2507.17",
              "status": "affected",
              "version": "10.1.2507",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0.2503.12",
              "status": "affected",
              "version": "10.0.2503",
              "versionType": "custom"
            },
            {
              "lessThan": "9.3.2411.124",
              "status": "affected",
              "version": "9.3.2411",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "John Copeland"
        }
      ],
      "datePublic": "2026-03-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could retrieve sensitive information by inspecting the job\u0027s search log due to improper access control in the MongoClient logging channel."
            }
          ],
          "value": "In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could retrieve sensitive information by inspecting the job\u0027s search log due to improper access control in the MongoClient logging channel."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T16:17:54.427Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "url": "https://advisory.splunk.com/advisories/SVD-2026-0304"
        }
      ],
      "source": {
        "advisory": "SVD-2026-0304"
      },
      "title": "Sensitive Information Disclosure in MongoClient logging channel in Splunk Enterprise"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2026-20165",
    "datePublished": "2026-03-11T16:17:54.427Z",
    "dateReserved": "2025-10-08T11:59:15.390Z",
    "dateUpdated": "2026-03-12T16:19:44.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-68161",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-18T21:34:24.735166Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-18T21:46:19.782Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-01-20T00:13:44.911Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/12/18/1"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.logging.log4j:log4j-core",
          "packageURL": "pkg:maven/org.apache.logging.log4j/log4j-core",
          "product": "Apache Log4j Core",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "2.25.3",
              "status": "affected",
              "version": "2.0-beta9",
              "versionType": "maven"
            },
            {
              "lessThanOrEqual": "3.0.0-beta3",
              "status": "affected",
              "version": "3.0.0-alpha1",
              "versionType": "maven"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Samuli Leinonen"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe Socket Appender in Apache Log4j Core versions \u003ccode\u003e2.0-beta9\u003c/code\u003e through \u003ccode\u003e2.25.2\u003c/code\u003e does not perform TLS hostname verification of the peer certificate, even when the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName\"\u003everifyHostName\u003c/a\u003e configuration attribute or the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://logging.apache.org/log4j/2.x/manual/systemproperties.html#log4j2.sslVerifyHostName\"\u003elog4j2.sslVerifyHostName\u003c/a\u003e system property is set to \u003ccode\u003etrue\u003c/code\u003e.\u003c/p\u003e\u003cp\u003eThis issue may allow a man-in-the-middle attacker to intercept or redirect log traffic under the following conditions:\u003c/p\u003e\u003cul\u003e\u003cli\u003eThe attacker is able to intercept or redirect network traffic between the client and the log receiver.\u003c/li\u003e\u003cli\u003eThe attacker can present a server certificate issued by a certification authority trusted by the Socket Appender\u2019s configured \u003cstrong\u003etrust store\u003c/strong\u003e (or by the default Java trust store if no custom trust store is configured).\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eUsers are advised to upgrade to Apache Log4j Core version \u003ccode\u003e2.25.3\u003c/code\u003e, which addresses this issue.\u003c/p\u003e\u003cp\u003eAs an alternative mitigation, the Socket Appender may be configured to use a private or restricted trust root to limit the set of trusted certificates.\u003c/p\u003e"
            }
          ],
          "value": "The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the  verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName  configuration attribute or the  log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.html#log4j2.sslVerifyHostName  system property is set to true.\n\nThis issue may allow a man-in-the-middle attacker to intercept or redirect log traffic under the following conditions:\n\n  *  The attacker is able to intercept or redirect network traffic between the client and the log receiver.\n  *  The attacker can present a server certificate issued by a certification authority trusted by the Socket Appender\u2019s configured trust store (or by the default Java trust store if no custom trust store is configured).\n\n\nUsers are advised to upgrade to Apache Log4j Core version 2.25.3, which addresses this issue.\n\nAs an alternative mitigation, the Socket Appender may be configured to use a private or restricted trust root to limit the set of trusted certificates."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-297",
              "description": "CWE-297 Improper Validation of Certificate with Host Mismatch",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-19T06:45:03.886Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/apache/logging-log4j2/pull/4002"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://logging.apache.org/security.html#CVE-2025-68161"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://logging.apache.org/cyclonedx/vdr.xml"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://logging.apache.org/log4j/2.x/manual/systemproperties.html#log4j2.sslVerifyHostName"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/xr33kyxq3sl67lwb61ggvm1fzc8k7dvx"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Log4j Core: Missing TLS hostname verification in Socket appender",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-68161",
    "datePublished": "2025-12-18T20:47:49.123Z",
    "dateReserved": "2025-12-16T11:30:53.875Z",
    "dateUpdated": "2026-01-20T00:13:44.911Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-29371",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-17T18:38:20.096134Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1259",
                "description": "CWE-1259 Improper Restriction of Security Token Assignment",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-17T18:48:36.126Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-23T19:28:10.386Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-29371",
    "datePublished": "2025-12-17T00:00:00.000Z",
    "dateReserved": "2024-03-19T00:00:00.000Z",
    "dateUpdated": "2026-01-23T19:28:10.386Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32989",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T20:04:51.314429Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T20:06:49.983Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:10:07.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/11/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnutls.org/",
          "defaultStatus": "unaffected",
          "packageName": "libgnutls",
          "versions": [
            {
              "lessThan": "3.8.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.9-9.el10_0.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-6.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-6.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.2::baseos",
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-21.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-4.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:7::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/rhceph-7-rhel9",
          "product": "Red Hat Ceph Storage 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:4784c2680572f9d091fcfb8c593d5424c0fcd8ea9cd51d25ddaf2f72abc7da65",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:insights_proxy:1.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "insights-proxy/insights-proxy-container-rhel9",
          "product": "Red Hat Insights proxy 1.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-07-10T07:54:13.541Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-01T22:02:30.532Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:16115",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:16115"
        },
        {
          "name": "RHSA-2025:16116",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:16116"
        },
        {
          "name": "RHSA-2025:17181",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:17181"
        },
        {
          "name": "RHSA-2025:17348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:17348"
        },
        {
          "name": "RHSA-2025:17361",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:17361"
        },
        {
          "name": "RHSA-2025:19088",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:19088"
        },
        {
          "name": "RHSA-2025:22529",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:22529"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32989"
        },
        {
          "name": "RHBZ#2359621",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359621"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-15T01:21:36.512Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-10T07:54:13.541Z",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: vulnerability in gnutls sct extension parsing",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32989",
    "datePublished": "2025-07-10T08:05:26.307Z",
    "dateReserved": "2025-04-15T01:31:12.104Z",
    "dateUpdated": "2025-12-01T22:02:30.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.6,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-47183",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-11T19:44:07.115924Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-11T20:24:52.703Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In GStreamer through 1.26.1, the isomp4 plugin\u0027s qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-07T19:18:54.978Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://gstreamer.freedesktop.org/security/"
        },
        {
          "url": "https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-47183",
    "datePublished": "2025-08-07T00:00:00.000Z",
    "dateReserved": "2025-05-02T00:00:00.000Z",
    "dateUpdated": "2025-08-11T20:24:52.703Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-47914",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-19T20:50:27.263405Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-19T20:50:30.968Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/crypto/ssh/agent",
          "product": "golang.org/x/crypto/ssh/agent",
          "programRoutines": [
            {
              "name": "parseConstraints"
            },
            {
              "name": "ForwardToAgent"
            },
            {
              "name": "ServeAgent"
            }
          ],
          "vendor": "golang.org/x/crypto",
          "versions": [
            {
              "lessThan": "0.45.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jakub Ciolek"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-237",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T17:15:00.344Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"
        },
        {
          "url": "https://go.dev/cl/721960"
        },
        {
          "url": "https://go.dev/issue/76364"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-4135"
        }
      ],
      "title": "Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-47914",
    "datePublished": "2025-11-19T20:33:43.126Z",
    "dateReserved": "2025-05-13T23:31:29.597Z",
    "dateUpdated": "2025-11-20T17:15:00.344Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6395",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T15:32:33.292878Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T16:02:39.265Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:14:21.080Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/11/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnutls.org/",
          "defaultStatus": "unaffected",
          "packageName": "libgnutls",
          "versions": [
            {
              "lessThan": "3.8.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.9-9.el10_0.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_10.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_10.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-6.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-6.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.2::baseos",
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-21.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-4.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:7::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/rhceph-7-rhel9",
          "product": "Red Hat Ceph Storage 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:6b79ed10423d954d21dd24c9cb1cf507f6e02c2942ace7fa30cf7af2ffaeb631",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:435ba9959b793d46a63a74c343bb8c3ff68350496afec12cc5e894dfc40b7648",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:insights_proxy:1.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "insights-proxy/insights-proxy-container-rhel9",
          "product": "Red Hat Insights proxy 1.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-07-10T07:56:53.029Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite()."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-22T00:06:26.808Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:16115",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:16115"
        },
        {
          "name": "RHSA-2025:16116",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:16116"
        },
        {
          "name": "RHSA-2025:17181",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:17181"
        },
        {
          "name": "RHSA-2025:17348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:17348"
        },
        {
          "name": "RHSA-2025:17361",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:17361"
        },
        {
          "name": "RHSA-2025:17415",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:17415"
        },
        {
          "name": "RHSA-2025:19088",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:19088"
        },
        {
          "name": "RHSA-2025:22529",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:22529"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-6395"
        },
        {
          "name": "RHBZ#2376755",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376755"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-07T09:30:13.037Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-10T07:56:53.029Z",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-6395",
    "datePublished": "2025-07-10T15:20:46.031Z",
    "dateReserved": "2025-06-20T06:26:20.649Z",
    "dateUpdated": "2026-01-22T00:06:26.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8291",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-29T15:15:06.403842Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1285",
                "description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-29T15:15:27.172Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory"
            ],
            "url": "https://github.com/psf/advisory-database/blob/main/advisories/python/PSF-2025-12.json"
          },
          {
            "tags": [
              "technical-description",
              "exploit"
            ],
            "url": "https://github.com/google/security-research/security/advisories/GHSA-hhv7-p4pg-wm6p"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CPython",
          "repo": "https://github.com/python/cpython",
          "vendor": "Python Software Foundation",
          "versions": [
            {
              "lessThan": "3.9.24",
              "status": "affected",
              "version": "0",
              "versionType": "python"
            },
            {
              "lessThan": "3.10.19",
              "status": "affected",
              "version": "3.10.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.11.14",
              "status": "affected",
              "version": "3.11.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.12.12",
              "status": "affected",
              "version": "3.12.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.13.10",
              "status": "affected",
              "version": "3.13.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.14.1",
              "status": "affected",
              "version": "3.14.0",
              "versionType": "python"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Caleb Brown (Google)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Serhiy Storchaka"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "Seth Larson"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe \u0027zipfile\u0027 module would not check the validity of the ZIP64 End of\nCentral Directory (EOCD) Locator record offset value would not be used to\nlocate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be\nassumed to be the previous record in the ZIP archive. This could be abused\nto create ZIP archives that are handled differently by the \u0027zipfile\u0027 module\ncompared to other ZIP implementations.\u003c/p\u003e\n\u003cp\u003eRemediation maintains this behavior, but checks that the offset specified\nin the ZIP64 EOCD Locator record matches the expected value.\u003c/p\u003e"
            }
          ],
          "value": "The \u0027zipfile\u0027 module would not check the validity of the ZIP64 End of\nCentral Directory (EOCD) Locator record offset value would not be used to\nlocate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be\nassumed to be the previous record in the ZIP archive. This could be abused\nto create ZIP archives that are handled differently by the \u0027zipfile\u0027 module\ncompared to other ZIP implementations.\n\n\nRemediation maintains this behavior, but checks that the offset specified\nin the ZIP64 EOCD Locator record matches the expected value."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-02T17:43:54.139Z",
        "orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
        "shortName": "PSF"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/pull/139702"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/python/cpython/issues/139700"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/76437ac248ad8ca44e9bf697b02b1e2241df2196"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/8392b2f0d35678407d9ce7d95655a5b77de161b4"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/bca11ae7d575d87ed93f5dd6a313be6246e3e388"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "ZIP64 End of Central Directory (EOCD) Locator record offset not checked",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
    "assignerShortName": "PSF",
    "cveId": "CVE-2025-8291",
    "datePublished": "2025-10-07T18:10:05.908Z",
    "dateReserved": "2025-07-28T21:05:06.237Z",
    "dateUpdated": "2025-12-02T17:43:54.139Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-22795",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-28T20:03:18.604129Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-29T18:13:37.371Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "3.6.1",
              "status": "affected",
              "version": "3.6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.5.5",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.4.4",
              "status": "affected",
              "version": "3.4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.3.6",
              "status": "affected",
              "version": "3.3.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.0.19",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.1.1ze",
              "status": "affected",
              "version": "1.1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Luigino Camastra (Aisle Research)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Bob Beck"
        }
      ],
      "datePublic": "2026-01-27T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: An invalid or NULL pointer dereference can happen in\u003cbr\u003ean application processing a malformed PKCS#12 file.\u003cbr\u003e\u003cbr\u003eImpact summary: An application processing a malformed PKCS#12 file can be\u003cbr\u003ecaused to dereference an invalid or NULL pointer on memory read, resulting\u003cbr\u003ein a Denial of Service.\u003cbr\u003e\u003cbr\u003eA type confusion vulnerability exists in PKCS#12 parsing code where\u003cbr\u003ean ASN1_TYPE union member is accessed without first validating the type,\u003cbr\u003ecausing an invalid pointer read.\u003cbr\u003e\u003cbr\u003eThe location is constrained to a 1-byte address space, meaning any\u003cbr\u003eattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\u003cbr\u003eThis range corresponds to the zero page, which is unmapped on most modern\u003cbr\u003eoperating systems and will reliably result in a crash, leading only to a\u003cbr\u003eDenial of Service. Exploiting this issue also requires a user or application\u003cbr\u003eto process a maliciously crafted PKCS#12 file. It is uncommon to accept\u003cbr\u003euntrusted PKCS#12 files in applications as they are usually used to store\u003cbr\u003eprivate keys which are trusted by definition. For these reasons, the issue\u003cbr\u003ewas assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\u003cbr\u003eas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\u003cbr\u003e\u003cbr\u003eOpenSSL 1.0.2 is not affected by this issue."
            }
          ],
          "value": "Issue summary: An invalid or NULL pointer dereference can happen in\nan application processing a malformed PKCS#12 file.\n\nImpact summary: An application processing a malformed PKCS#12 file can be\ncaused to dereference an invalid or NULL pointer on memory read, resulting\nin a Denial of Service.\n\nA type confusion vulnerability exists in PKCS#12 parsing code where\nan ASN1_TYPE union member is accessed without first validating the type,\ncausing an invalid pointer read.\n\nThe location is constrained to a 1-byte address space, meaning any\nattempted pointer manipulation can only target addresses between 0x00 and 0xFF.\nThis range corresponds to the zero page, which is unmapped on most modern\noperating systems and will reliably result in a crash, leading only to a\nDenial of Service. Exploiting this issue also requires a user or application\nto process a maliciously crafted PKCS#12 file. It is uncommon to accept\nuntrusted PKCS#12 files in applications as they are usually used to store\nprivate keys which are trusted by definition. For these reasons, the issue\nwas assessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.\n\nOpenSSL 1.0.2 is not affected by this issue."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Low"
            },
            "type": "https://openssl-library.org/policies/general/security-policy/"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-27T16:01:27.320Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://openssl-library.org/news/secadv/20260127.txt"
        },
        {
          "name": "3.6.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2"
        },
        {
          "name": "3.5.5 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4"
        },
        {
          "name": "3.4.4 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12"
        },
        {
          "name": "3.3.6 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e"
        },
        {
          "name": "3.0.19 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Missing ASN1_TYPE validation in PKCS#12 parsing",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2026-22795",
    "datePublished": "2026-01-27T16:01:27.320Z",
    "dateReserved": "2026-01-09T18:54:13.570Z",
    "dateUpdated": "2026-01-29T18:13:37.371Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-09T20:03:37.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/03/07/2"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250509-0007/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "LOW",
              "baseScore": 4.4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-22870",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-18T16:31:16.493335Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-115",
                "description": "CWE-115 Misinterpretation of Input",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-18T16:32:14.847Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/net/http/httpproxy",
          "product": "golang.org/x/net/http/httpproxy",
          "programRoutines": [
            {
              "name": "config.useProxy"
            },
            {
              "name": "domainMatch.match"
            }
          ],
          "vendor": "golang.org/x/net",
          "versions": [
            {
              "lessThan": "0.36.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/net/proxy",
          "product": "golang.org/x/net/proxy",
          "programRoutines": [
            {
              "name": "PerHost.dialerForRequest"
            },
            {
              "name": "PerHost.AddFromString"
            },
            {
              "name": "Dial"
            },
            {
              "name": "FromEnvironment"
            },
            {
              "name": "FromEnvironmentUsing"
            },
            {
              "name": "PerHost.Dial"
            },
            {
              "name": "PerHost.DialContext"
            }
          ],
          "vendor": "golang.org/x/net",
          "versions": [
            {
              "lessThan": "0.36.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Juho Fors\u00e9n of Mattermost"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-115 Misinterpretation of Input",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-12T18:27:59.376Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/654697"
        },
        {
          "url": "https://go.dev/issue/71984"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-3503"
        }
      ],
      "title": "HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-22870",
    "datePublished": "2025-03-12T18:27:59.376Z",
    "dateReserved": "2025-01-08T19:11:42.834Z",
    "dateUpdated": "2025-05-09T20:03:37.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tomcat",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "9.0.95",
                "status": "affected",
                "version": "9.0.0-M1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "10.1.30",
                "status": "affected",
                "version": "10.1.0-M1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "11.0.0-M26",
                "status": "affected",
                "version": "11.0.0-M1",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52316",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-18T14:50:59.890424Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-04T15:59:51.152Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:45:28.908Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/11/18/2"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250124-0003/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.0-M26",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.30",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.95",
              "status": "affected",
              "version": "9.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.100",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.27",
              "status": "unknown",
              "version": "10.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUnchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC)\u0026nbsp;ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta\u0026nbsp;Authentication components that behave in this way.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\u003c/p\u003e\u003cp\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100.\u0026nbsp;Other EOL versions may also be affected.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue.\u003c/p\u003e"
            }
          ],
          "value": "Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC)\u00a0ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta\u00a0Authentication components that behave in this way.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100.\u00a0Other EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391 Unchecked Error Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T11:51:23.610Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/lopzlqh91jj9n334g02om08sbysdb928"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Apache Tomcat: Authentication bypass when using Jakarta Authentication API",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-52316",
    "datePublished": "2024-11-18T11:32:22.072Z",
    "dateReserved": "2024-11-07T07:41:56.639Z",
    "dateUpdated": "2025-11-04T15:59:51.152Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-12727",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-11T04:55:41.768359Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:46:58.212Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "142.0.7444.137",
              "status": "affected",
              "version": "142.0.7444.137",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Inappropriate implementation",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T20:00:55.682Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html"
        },
        {
          "url": "https://issues.chromium.org/issues/454485895"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2025-12727",
    "datePublished": "2025-11-10T20:00:55.682Z",
    "dateReserved": "2025-11-04T21:56:37.024Z",
    "dateUpdated": "2026-02-26T17:46:58.212Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-45582",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-11T18:27:18.891014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-11T18:27:30.573Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-02T00:12:55.951Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/11/01/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Tar",
          "vendor": "GNU",
          "versions": [
            {
              "lessThanOrEqual": "1.35",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:gnu:tar:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "1.35",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file\u0027s name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mechanism of \"Member name contains \u0027..\u0027\" that would occur for a single TAR archive that attempted to specify the critical file via a ../ approach. For example, the first archive can contain \"x -\u003e ../../../../../home/victim/.ssh\" and the second archive can contain x/authorized_keys. This can affect server applications that automatically extract any number of user-supplied TAR archives, and were relying on the blocking of traversal. This can also affect software installation processes in which \"tar xf\" is run more than once (e.g., when installing a package can automatically install two dependencies that are set up as untrusted tarballs instead of official packages). NOTE: the official GNU Tar manual has an otherwise-empty directory for each \"tar xf\" in its Security Rules of Thumb; however, third-party advice leads users to run \"tar xf\" more than once into the same directory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-24",
              "description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-18T03:08:06.530Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md"
        },
        {
          "url": "https://www.gnu.org/software/tar/"
        },
        {
          "url": "https://www.gnu.org/software/tar/manual/html_node/Security-rules-of-thumb.html"
        },
        {
          "url": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html"
        },
        {
          "url": "https://lists.gnu.org/archive/html/bug-tar/2025-08/msg00012.html"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-45582",
    "datePublished": "2025-07-11T00:00:00.000Z",
    "dateReserved": "2025-04-22T00:00:00.000Z",
    "dateUpdated": "2025-11-02T00:12:55.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:38:04.247Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/09/23/2"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20241101-0010/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "tomcat",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "11.0.0-m20",
                "status": "affected",
                "version": "11.0.0-m1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "10.1.24",
                "status": "affected",
                "version": "10.1.0-m1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "9.0.89",
                "status": "affected",
                "version": "9.0.13",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38286",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T16:33:49.152023Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T16:36:00.935Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.0-M20",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.24",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.89",
              "status": "affected",
              "version": "9.0.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.100",
              "status": "affected",
              "version": "8.5.35",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.109",
              "status": "affected",
              "version": "7.0.92",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.27",
              "status": "unknown",
              "version": "10.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Ozaki, North Grid Corporation"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAllocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.35 through 8.5.100 and 7.0.92 through 7.0.109.\u0026nbsp;Other EOL versions may also be affected.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003eApache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89.\n\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.35 through 8.5.100 and 7.0.92 through 7.0.109.\u00a0Other EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue.\n\n\n\nApache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T11:54:56.605Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-04T06:21:00.000Z",
          "value": "Issue reported to Apache Tomcat Security Team"
        }
      ],
      "title": "Apache Tomcat: Denial of Service",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-38286",
    "datePublished": "2024-11-07T07:37:32.224Z",
    "dateReserved": "2024-06-12T16:27:23.740Z",
    "dateUpdated": "2025-11-03T20:38:04.247Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-47906",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-18T20:42:17.936162Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-18T20:42:38.389Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:10:54.782Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/08/06/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "os/exec",
          "product": "os/exec",
          "programRoutines": [
            {
              "name": "LookPath"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.23.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.24.6",
              "status": "affected",
              "version": "1.24.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-115: Misinterpretation of Input",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-18T18:41:11.847Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/691775"
        },
        {
          "url": "https://go.dev/issue/74466"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-3956"
        }
      ],
      "title": "Unexpected paths returned from LookPath in os/exec"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-47906",
    "datePublished": "2025-09-18T18:41:11.847Z",
    "dateReserved": "2025-05-13T23:31:29.596Z",
    "dateUpdated": "2025-11-04T21:10:54.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:40:47.458Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157880"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2021-35938"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://rpm.org/wiki/Releases/4.18.0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rpm-software-management/rpm/pull/1919"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033"
          },
          {
            "name": "GLSA-202210-22",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202210-22"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RPM",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in rpm v4.18.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59 - Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-31T00:00:00.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964114"
        },
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1157880"
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2021-35938"
        },
        {
          "url": "https://rpm.org/wiki/Releases/4.18.0"
        },
        {
          "url": "https://github.com/rpm-software-management/rpm/pull/1919"
        },
        {
          "url": "https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033"
        },
        {
          "name": "GLSA-202210-22",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202210-22"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2021-35938",
    "datePublished": "2022-08-25T00:00:00.000Z",
    "dateReserved": "2021-06-29T00:00:00.000Z",
    "dateUpdated": "2024-08-04T00:40:47.458Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6069",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T13:58:28.646020Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T13:58:41.637Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "html.parser"
          ],
          "product": "CPython",
          "repo": "https://github.com/python/cpython",
          "vendor": "Python Software Foundation",
          "versions": [
            {
              "lessThan": "3.9.24",
              "status": "affected",
              "version": "0",
              "versionType": "python"
            },
            {
              "lessThan": "3.10.19",
              "status": "affected",
              "version": "3.10.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.11.14",
              "status": "affected",
              "version": "3.11.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.12.12",
              "status": "affected",
              "version": "3.12.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.13.6",
              "status": "affected",
              "version": "3.13.0",
              "versionType": "python"
            },
            {
              "lessThan": "3.14.0b3",
              "status": "affected",
              "version": "3.14.0a1",
              "versionType": "python"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Serhiy Storchaka"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Jake Howard"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "sw0rd1ight"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service."
            }
          ],
          "value": "The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "CWE-1333 Inefficient Regular Expression Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-09T18:37:55.979Z",
        "orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
        "shortName": "PSF"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/python/cpython/issues/135462"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/pull/135464"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/K5PIYLR6EP3WR7ZOKKYQUWEDNQVUXOYM/"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/8d1b3dfa09135affbbf27fb8babcf3c11415df49"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/ab0893fd5c579d9cea30841680e6d35fc478afb5"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/f3c6f882cddc8dc30320d2e73edf019e201394fc"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/fdc9d214c01cb4588f540cfa03726bbf2a33fc15"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "HTMLParser quadratic complexity when processing malformed inputs",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
    "assignerShortName": "PSF",
    "cveId": "CVE-2025-6069",
    "datePublished": "2025-06-17T13:39:46.058Z",
    "dateReserved": "2025-06-13T14:05:15.473Z",
    "dateUpdated": "2025-10-09T18:37:55.979Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-69421",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-28T15:17:58.059460Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-28T02:58:24.792Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "3.6.1",
              "status": "affected",
              "version": "3.6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.5.5",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.4.4",
              "status": "affected",
              "version": "3.4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.3.6",
              "status": "affected",
              "version": "3.3.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.0.19",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.1.1ze",
              "status": "affected",
              "version": "1.1.1",
              "versionType": "custom"
            },
            {
              "lessThan": "1.0.2zn",
              "status": "affected",
              "version": "1.0.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Luigino Camastra (Aisle Research)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Luigino Camastra (Aisle Research)"
        }
      ],
      "datePublic": "2026-01-27T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer\u003cbr\u003edereference in the PKCS12_item_decrypt_d2i_ex() function.\u003cbr\u003e\u003cbr\u003eImpact summary: A NULL pointer dereference can trigger a crash which leads to\u003cbr\u003eDenial of Service for an application processing PKCS#12 files.\u003cbr\u003e\u003cbr\u003eThe PKCS12_item_decrypt_d2i_ex() function does not check whether the oct\u003cbr\u003eparameter is NULL before dereferencing it. When called from\u003cbr\u003ePKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can\u003cbr\u003ebe NULL, causing a crash. The vulnerability is limited to Denial of Service\u003cbr\u003eand cannot be escalated to achieve code execution or memory disclosure.\u003cbr\u003e\u003cbr\u003eExploiting this issue requires an attacker to provide a malformed PKCS#12 file\u003cbr\u003eto an application that processes it. For that reason the issue was assessed as\u003cbr\u003eLow severity according to our Security Policy.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\u003cbr\u003eas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue."
            }
          ],
          "value": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer\ndereference in the PKCS12_item_decrypt_d2i_ex() function.\n\nImpact summary: A NULL pointer dereference can trigger a crash which leads to\nDenial of Service for an application processing PKCS#12 files.\n\nThe PKCS12_item_decrypt_d2i_ex() function does not check whether the oct\nparameter is NULL before dereferencing it. When called from\nPKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can\nbe NULL, causing a crash. The vulnerability is limited to Denial of Service\nand cannot be escalated to achieve code execution or memory disclosure.\n\nExploiting this issue requires an attacker to provide a malformed PKCS#12 file\nto an application that processes it. For that reason the issue was assessed as\nLow severity according to our Security Policy.\n\nThe FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#12 implementation is outside the OpenSSL FIPS module boundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Low"
            },
            "type": "https://openssl-library.org/policies/general/security-policy/"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-27T16:01:26.435Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://openssl-library.org/news/secadv/20260127.txt"
        },
        {
          "name": "3.6.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/a2dbc539f0f9cc63832709fa5aa33ad9495eb19c"
        },
        {
          "name": "3.5.5 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/3524a29271f8191b8fd8a5257eb05173982a097b"
        },
        {
          "name": "3.4.4 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/643986985cd1c21221f941129d76fe0c2785aeb3"
        },
        {
          "name": "3.3.6 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/4bbc8d41a72c842ce4077a8a3eccd1109aaf74bd"
        },
        {
          "name": "3.0.19 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/36ecb4960872a4ce04bf6f1e1f4e78d75ec0c0c7"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2025-69421",
    "datePublished": "2026-01-27T16:01:26.435Z",
    "dateReserved": "2026-01-06T12:44:09.946Z",
    "dateUpdated": "2026-02-28T02:58:24.792Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-12428",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-11T04:55:44.773857Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:47:01.496Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "142.0.7444.59",
              "status": "affected",
              "version": "142.0.7444.59",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-843",
              "description": "Type Confusion",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T20:00:12.016Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html"
        },
        {
          "url": "https://issues.chromium.org/issues/447613211"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2025-12428",
    "datePublished": "2025-11-10T20:00:12.016Z",
    "dateReserved": "2025-10-28T20:16:47.463Z",
    "dateUpdated": "2026-02-26T17:47:01.496Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:05:03.939Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/16/1"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-48988",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T18:20:54.922006Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T18:21:45.236Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.7",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.41",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.105",
              "status": "affected",
              "version": "9.0.0.M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.100",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.5.0",
              "status": "unknown",
              "version": "6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.27",
              "status": "unknown",
              "version": "10.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "TERASOLUNA Framework Security Team of NTT DATA Group Corporation"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAllocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\u003cbr\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions \nmay also be affected.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.\u003c/p\u003e"
            }
          ],
          "value": "Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions \nmay also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T11:45:39.382Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/nzkqsok8t42qofgqfmck536mtyzygp18"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Tomcat: FileUpload large number of parts with headers DoS",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-48988",
    "datePublished": "2025-06-16T14:13:40.457Z",
    "dateReserved": "2025-05-29T15:24:32.685Z",
    "dateUpdated": "2025-11-03T20:05:03.939Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-54677",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-17T16:41:40.093839Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-17T16:45:33.335Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:32:11.848Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/17/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/17/6"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/18/1"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250131-0006/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.1",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.33",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.97",
              "status": "affected",
              "version": "9.0.0.M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.100",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "8.5.0",
              "status": "unknown",
              "version": "3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.27",
              "status": "unknown",
              "version": "10.0.0-M1",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97.\u003cbr\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions \nmay also be affected.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97.\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions \nmay also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-29T11:50:15.072Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Tomcat: DoS in examples web application",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-54677",
    "datePublished": "2024-12-17T12:35:50.948Z",
    "dateReserved": "2024-12-05T07:31:33.851Z",
    "dateUpdated": "2025-11-03T19:32:11.848Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-62408",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-09T14:20:03.531539Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-09T16:05:06.098Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "c-ares",
          "vendor": "c-ares",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e 1.32.3, \u003c 1.34.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5  terminate a query after maximum attempts when using read_answer() and process_answer(), which can cause a Denial of Service. This issue is fixed in version 1.34.6."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-08T22:04:08.565Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/c-ares/c-ares/security/advisories/GHSA-jq53-42q6-pqr5",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-jq53-42q6-pqr5"
        },
        {
          "name": "https://github.com/c-ares/c-ares/commit/714bf5675c541bd1e668a8db8e67ce012651e618",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/c-ares/c-ares/commit/714bf5675c541bd1e668a8db8e67ce012651e618"
        }
      ],
      "source": {
        "advisory": "GHSA-jq53-42q6-pqr5",
        "discovery": "UNKNOWN"
      },
      "title": "c-ares has a Use After Free vulnerability when connection is cleaned up after error"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-62408",
    "datePublished": "2025-12-08T22:04:08.565Z",
    "dateReserved": "2025-10-13T16:26:12.178Z",
    "dateUpdated": "2025-12-09T16:05:06.098Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-0913",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-11T17:35:44.313980Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-11T17:37:52.111Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "syscall",
          "platforms": [
            "windows"
          ],
          "product": "syscall",
          "programRoutines": [
            {
              "name": "Open"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.23.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.24.4",
              "status": "affected",
              "version": "1.24.0-0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "os",
          "platforms": [
            "windows"
          ],
          "product": "os",
          "programRoutines": [
            {
              "name": "OpenFile"
            },
            {
              "name": "Root.OpenFile"
            },
            {
              "name": "Chdir"
            },
            {
              "name": "Chmod"
            },
            {
              "name": "Chown"
            },
            {
              "name": "CopyFS"
            },
            {
              "name": "Create"
            },
            {
              "name": "CreateTemp"
            },
            {
              "name": "File.ReadDir"
            },
            {
              "name": "File.Readdir"
            },
            {
              "name": "File.Readdirnames"
            },
            {
              "name": "Getwd"
            },
            {
              "name": "Lchown"
            },
            {
              "name": "Link"
            },
            {
              "name": "Lstat"
            },
            {
              "name": "Mkdir"
            },
            {
              "name": "MkdirAll"
            },
            {
              "name": "MkdirTemp"
            },
            {
              "name": "NewFile"
            },
            {
              "name": "Open"
            },
            {
              "name": "OpenInRoot"
            },
            {
              "name": "OpenRoot"
            },
            {
              "name": "Pipe"
            },
            {
              "name": "ReadDir"
            },
            {
              "name": "ReadFile"
            },
            {
              "name": "Remove"
            },
            {
              "name": "RemoveAll"
            },
            {
              "name": "Rename"
            },
            {
              "name": "Root.Create"
            },
            {
              "name": "Root.Lstat"
            },
            {
              "name": "Root.Mkdir"
            },
            {
              "name": "Root.Open"
            },
            {
              "name": "Root.OpenRoot"
            },
            {
              "name": "Root.Remove"
            },
            {
              "name": "Root.Stat"
            },
            {
              "name": "StartProcess"
            },
            {
              "name": "Stat"
            },
            {
              "name": "Symlink"
            },
            {
              "name": "Truncate"
            },
            {
              "name": "WriteFile"
            },
            {
              "name": "dirFS.Open"
            },
            {
              "name": "dirFS.ReadDir"
            },
            {
              "name": "dirFS.ReadFile"
            },
            {
              "name": "dirFS.Stat"
            },
            {
              "name": "rootFS.Open"
            },
            {
              "name": "rootFS.ReadDir"
            },
            {
              "name": "rootFS.ReadFile"
            },
            {
              "name": "rootFS.Stat"
            },
            {
              "name": "unixDirent.Info"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.23.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.24.4",
              "status": "affected",
              "version": "1.24.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Junyoung Park and Dong-uk Kim of KAIST Hacking Lab"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-11T17:17:25.606Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/672396"
        },
        {
          "url": "https://go.dev/issue/73702"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-3750"
        }
      ],
      "title": "Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in syscall"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-0913",
    "datePublished": "2025-06-11T17:17:25.606Z",
    "dateReserved": "2025-01-30T21:52:33.447Z",
    "dateUpdated": "2025-06-11T17:37:52.111Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:53:53.661Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://medium.com/%40zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/"
          },
          {
            "name": "[debian-lts-announce] 20230331 [SECURITY] [DLA 3377-1] systemd security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230505-0009/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/174130/systemd-246-Local-Root-Privilege-Escalation.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-26604",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-07T18:16:19.952528Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-269",
                "description": "CWE-269 Improper Privilege Management",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-07T18:16:47.782Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the \"systemctl status\" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-11T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://medium.com/%40zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7"
        },
        {
          "url": "https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340"
        },
        {
          "url": "https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/"
        },
        {
          "name": "[debian-lts-announce] 20230331 [SECURITY] [DLA 3377-1] systemd security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230505-0009/"
        },
        {
          "url": "http://packetstormsecurity.com/files/174130/systemd-246-Local-Root-Privilege-Escalation.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-26604",
    "datePublished": "2023-03-03T00:00:00.000Z",
    "dateReserved": "2023-02-26T00:00:00.000Z",
    "dateUpdated": "2025-03-07T18:16:47.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 5.9,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-9232",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-30T19:22:31.407504Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-30T19:22:35.483Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:15:19.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/09/30/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "3.5.4",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.4.3",
              "status": "affected",
              "version": "3.4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.3.5",
              "status": "affected",
              "version": "3.3.3",
              "versionType": "semver"
            },
            {
              "lessThan": "3.2.6",
              "status": "affected",
              "version": "3.2.4",
              "versionType": "semver"
            },
            {
              "lessThan": "3.0.18",
              "status": "affected",
              "version": "3.0.16",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Stanislav Fort (Aisle Research)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Stanislav Fort (Aisle Research)"
        }
      ],
      "datePublic": "2025-09-30T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: An application using the OpenSSL HTTP client API functions may\u003cbr\u003etrigger an out-of-bounds read if the \u0027no_proxy\u0027 environment variable is set and\u003cbr\u003ethe host portion of the authority component of the HTTP URL is an IPv6 address.\u003cbr\u003e\u003cbr\u003eImpact summary: An out-of-bounds read can trigger a crash which leads to\u003cbr\u003eDenial of Service for an application.\u003cbr\u003e\u003cbr\u003eThe OpenSSL HTTP client API functions can be used directly by applications\u003cbr\u003ebut they are also used by the OCSP client functions and CMP (Certificate\u003cbr\u003eManagement Protocol) client implementation in OpenSSL. However the URLs used\u003cbr\u003eby these implementations are unlikely to be controlled by an attacker.\u003cbr\u003e\u003cbr\u003eIn this vulnerable code the out of bounds read can only trigger a crash.\u003cbr\u003eFurthermore the vulnerability requires an attacker-controlled URL to be\u003cbr\u003epassed from an application to the OpenSSL function and the user has to have\u003cbr\u003ea \u0027no_proxy\u0027 environment variable set. For the aforementioned reasons the\u003cbr\u003eissue was assessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe vulnerable code was introduced in the following patch releases:\u003cbr\u003e3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\u003cbr\u003eissue, as the HTTP client implementation is outside the OpenSSL FIPS module\u003cbr\u003eboundary."
            }
          ],
          "value": "Issue summary: An application using the OpenSSL HTTP client API functions may\ntrigger an out-of-bounds read if the \u0027no_proxy\u0027 environment variable is set and\nthe host portion of the authority component of the HTTP URL is an IPv6 address.\n\nImpact summary: An out-of-bounds read can trigger a crash which leads to\nDenial of Service for an application.\n\nThe OpenSSL HTTP client API functions can be used directly by applications\nbut they are also used by the OCSP client functions and CMP (Certificate\nManagement Protocol) client implementation in OpenSSL. However the URLs used\nby these implementations are unlikely to be controlled by an attacker.\n\nIn this vulnerable code the out of bounds read can only trigger a crash.\nFurthermore the vulnerability requires an attacker-controlled URL to be\npassed from an application to the OpenSSL function and the user has to have\na \u0027no_proxy\u0027 environment variable set. For the aforementioned reasons the\nissue was assessed as Low severity.\n\nThe vulnerable code was introduced in the following patch releases:\n3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the HTTP client implementation is outside the OpenSSL FIPS module\nboundary."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Low"
            },
            "type": "https://openssl-library.org/policies/general/security-policy/"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-30T13:17:19.172Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://openssl-library.org/news/secadv/20250930.txt"
        },
        {
          "name": "3.5.4 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/2b4ec20e47959170422922eaff25346d362dcb35"
        },
        {
          "name": "3.4.3 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/7cf21a30513c9e43c4bc3836c237cf086e194af3"
        },
        {
          "name": "3.3.5 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/bbf38c034cdabd0a13330abcc4855c866f53d2e0"
        },
        {
          "name": "3.2.6 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/89e790ac431125a4849992858490bed6b225eadf"
        },
        {
          "name": "3.0.18 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/654dc11d23468a74fc8ea4672b702dd3feb7be4b"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Out-of-bounds read in HTTP client no_proxy handling",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2025-9232",
    "datePublished": "2025-09-30T13:17:19.172Z",
    "dateReserved": "2025-08-20T08:38:12.019Z",
    "dateUpdated": "2025-11-04T21:15:19.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-61725",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-03T19:44:00.658774Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:44:03.341Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:14:05.236Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/10/08/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/mail",
          "product": "net/mail",
          "programRoutines": [
            {
              "name": "addrParser.consumeDomainLiteral"
            },
            {
              "name": "AddressParser.Parse"
            },
            {
              "name": "AddressParser.ParseList"
            },
            {
              "name": "Header.AddressList"
            },
            {
              "name": "ParseAddress"
            },
            {
              "name": "ParseAddressList"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.24.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.25.2",
              "status": "affected",
              "version": "1.25.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Philippe Antoine (Catena cyber)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-407: Inefficient Algorithmic Complexity",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-09T17:42:06.541Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/709860"
        },
        {
          "url": "https://go.dev/issue/75680"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-4006"
        }
      ],
      "title": "Excessive CPU consumption in ParseAddress in net/mail"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-61725",
    "datePublished": "2025-10-29T22:10:12.255Z",
    "dateReserved": "2025-09-30T15:05:03.605Z",
    "dateUpdated": "2025-12-09T17:42:06.541Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4598",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-30T13:43:28.420360Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-30T13:43:42.405Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:10:46.971Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/05/1"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/05/3"
          },
          {
            "url": "https://www.openwall.com/lists/oss-security/2025/08/18/3"
          },
          {
            "url": "https://blogs.oracle.com/linux/post/analysis-of-cve-2025-4598"
          },
          {
            "url": "https://ciq.com/blog/the-real-danger-of-systemd-coredump-cve-2025-4598/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00022.html"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Jun/9"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/08/18/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/systemd/systemd",
          "defaultStatus": "unaffected",
          "packageName": "systemd-coredump",
          "versions": [
            {
              "lessThan": "252.37",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "253.32",
              "status": "affected",
              "version": "253.0",
              "versionType": "semver"
            },
            {
              "lessThan": "254.25",
              "status": "affected",
              "version": "254.0",
              "versionType": "semver"
            },
            {
              "lessThan": "255.19",
              "status": "affected",
              "version": "255.0",
              "versionType": "semver"
            },
            {
              "lessThan": "256.14",
              "status": "affected",
              "version": "256.0",
              "versionType": "semver"
            },
            {
              "lessThan": "257.6",
              "status": "affected",
              "version": "257.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:252-55.el9_7.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:252-55.el9_7.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:7::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/rhceph-7-rhel9",
          "product": "Red Hat Ceph Storage 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:cfaf2a3c9513bd280265b0e2ca5f7d60022a2e362027becfeb2c133179925523",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/rhceph-8-rhel9",
          "product": "Red Hat Ceph Storage 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/rhceph-8-rhel9",
          "product": "Red Hat Ceph Storage 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:97a60239048123bc963d7c9ac2ad85caa6a254759e44c15f173ca12ea51e4719",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:insights_proxy:1.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "insights-proxy/insights-proxy-container-rhel9",
          "product": "Red Hat Insights proxy 1.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:1d72e553fe5a7696e600dc8fd2fe9050ba1992fa190bea622134ca7bfce7bb0d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "systemd",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-364",
              "description": "Signal Handler Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-02T09:32:58.456Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:22660",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:22660"
        },
        {
          "name": "RHSA-2025:22868",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:22868"
        },
        {
          "name": "RHSA-2025:23227",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:23227"
        },
        {
          "name": "RHSA-2025:23234",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:23234"
        },
        {
          "name": "RHSA-2026:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:0414"
        },
        {
          "name": "RHSA-2026:1652",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:1652"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4598"
        },
        {
          "name": "RHBZ#2369242",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369242"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2025/05/29/3"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-29T19:04:54.578Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-29T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue can be mitigated by disabling the capability of the system to generate a coredump for SUID binaries. The perform that, the following command can be ran as `root` user:\n\n~~~\necho 0 \u003e /proc/sys/fs/suid_dumpable\n~~~\n\nWhile this mitigates this vulnerability while it\u0027s not possible to update the systemd package, it disables the capability of analyzing crashes for such binaries."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4598",
    "datePublished": "2025-05-30T13:13:26.049Z",
    "dateReserved": "2025-05-12T16:33:34.815Z",
    "dateUpdated": "2026-02-02T09:32:58.456Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-22796",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-27T16:27:50.351586Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-27T16:28:52.046Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "3.6.1",
              "status": "affected",
              "version": "3.6.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.5.5",
              "status": "affected",
              "version": "3.5.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.4.4",
              "status": "affected",
              "version": "3.4.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.3.6",
              "status": "affected",
              "version": "3.3.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.0.19",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.1.1ze",
              "status": "affected",
              "version": "1.1.1",
              "versionType": "custom"
            },
            {
              "lessThan": "1.0.2zn",
              "status": "affected",
              "version": "1.0.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Luigino Camastra (Aisle Research)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Bob Beck"
        }
      ],
      "datePublic": "2026-01-27T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: A type confusion vulnerability exists in the signature\u003cbr\u003everification of signed PKCS#7 data where an ASN1_TYPE union member is\u003cbr\u003eaccessed without first validating the type, causing an invalid or NULL\u003cbr\u003epointer dereference when processing malformed PKCS#7 data.\u003cbr\u003e\u003cbr\u003eImpact summary: An application performing signature verification of PKCS#7\u003cbr\u003edata or calling directly the PKCS7_digest_from_attributes() function can be\u003cbr\u003ecaused to dereference an invalid or NULL pointer when reading, resulting in\u003cbr\u003ea Denial of Service.\u003cbr\u003e\u003cbr\u003eThe function PKCS7_digest_from_attributes() accesses the message digest attribute\u003cbr\u003evalue without validating its type. When the type is not V_ASN1_OCTET_STRING,\u003cbr\u003ethis results in accessing invalid memory through the ASN1_TYPE union, causing\u003cbr\u003ea crash.\u003cbr\u003e\u003cbr\u003eExploiting this vulnerability requires an attacker to provide a malformed\u003cbr\u003esigned PKCS#7 to an application that verifies it. The impact of the\u003cbr\u003eexploit is just a Denial of Service, the PKCS7 API is legacy and applications\u003cbr\u003eshould be using the CMS API instead. For these reasons the issue was\u003cbr\u003eassessed as Low severity.\u003cbr\u003e\u003cbr\u003eThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\u003cbr\u003eas the PKCS#7 parsing implementation is outside the OpenSSL FIPS module\u003cbr\u003eboundary.\u003cbr\u003e\u003cbr\u003eOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue."
            }
          ],
          "value": "Issue summary: A type confusion vulnerability exists in the signature\nverification of signed PKCS#7 data where an ASN1_TYPE union member is\naccessed without first validating the type, causing an invalid or NULL\npointer dereference when processing malformed PKCS#7 data.\n\nImpact summary: An application performing signature verification of PKCS#7\ndata or calling directly the PKCS7_digest_from_attributes() function can be\ncaused to dereference an invalid or NULL pointer when reading, resulting in\na Denial of Service.\n\nThe function PKCS7_digest_from_attributes() accesses the message digest attribute\nvalue without validating its type. When the type is not V_ASN1_OCTET_STRING,\nthis results in accessing invalid memory through the ASN1_TYPE union, causing\na crash.\n\nExploiting this vulnerability requires an attacker to provide a malformed\nsigned PKCS#7 to an application that verifies it. The impact of the\nexploit is just a Denial of Service, the PKCS7 API is legacy and applications\nshould be using the CMS API instead. For these reasons the issue was\nassessed as Low severity.\n\nThe FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue,\nas the PKCS#7 parsing implementation is outside the OpenSSL FIPS module\nboundary.\n\nOpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Low"
            },
            "type": "https://openssl-library.org/policies/general/security-policy/"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-27T16:01:28.150Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://openssl-library.org/news/secadv/20260127.txt"
        },
        {
          "name": "3.6.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/ef2fb66ec571564d64d1c74a12e388a2a54d05d2"
        },
        {
          "name": "3.5.5 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/2502e7b7d4c0cf4f972a881641fe09edc67aeec4"
        },
        {
          "name": "3.4.4 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/7bbca05be55b129651d9df4bdb92becc45002c12"
        },
        {
          "name": "3.3.6 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/eeee3cbd4d682095ed431052f00403004596373e"
        },
        {
          "name": "3.0.19 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/572844beca95068394c916626a6d3a490f831a49"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2026-22796",
    "datePublished": "2026-01-27T16:01:28.150Z",
    "dateReserved": "2026-01-09T18:54:13.571Z",
    "dateUpdated": "2026-01-27T16:28:52.046Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-64183",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-14T18:38:28.928677Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-14T18:38:32.682Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-57cw-j6vp-2p9m"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openexr",
          "vendor": "AcademySoftwareFoundation",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.2.0, \u003c 3.2.5"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.3.0, \u003c 3.3.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.4.0, \u003c 3.4.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObject_StealAttrString of pyOpenEXR_old.cpp. The legacy adapter defines PyObject_StealAttrString that calls PyObject_GetAttrString to obtain a new reference, immediately decrefs it, and returns the pointer. Callers then pass this dangling pointer to APIs like PyLong_AsLong/PyFloat_AsDouble, resulting in a use-after-free. This is invoked in multiple places (e.g., reading PixelType.v, Box2i, V2f, etc.) Versions 3.2.5, 3.3.6, and 3.4.3 fix the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416: Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T21:29:54.234Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-57cw-j6vp-2p9m",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-57cw-j6vp-2p9m"
        },
        {
          "name": "https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp#L109-L115",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp#L109-L115"
        }
      ],
      "source": {
        "advisory": "GHSA-57cw-j6vp-2p9m",
        "discovery": "UNKNOWN"
      },
      "title": "OpenEXR has use after free in PyObject_StealAttrString"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-64183",
    "datePublished": "2025-11-10T21:29:54.234Z",
    "dateReserved": "2025-10-28T21:07:16.440Z",
    "dateUpdated": "2025-11-14T18:38:32.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-13042",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-13T04:55:29.562309Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T16:57:10.473Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "142.0.7444.166",
              "status": "affected",
              "version": "142.0.7444.166",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.166 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Inappropriate implementation",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-12T16:48:43.925Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_11.html"
        },
        {
          "url": "https://issues.chromium.org/issues/457351015"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2025-13042",
    "datePublished": "2025-11-12T16:48:43.925Z",
    "dateReserved": "2025-11-11T21:52:51.567Z",
    "dateUpdated": "2026-02-26T16:57:10.473Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-5642",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-28T13:47:34.169947Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T20:14:30.590Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:18:06.642Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html"
          },
          {
            "tags": [
              "mitigation",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/pull/23014"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/"
          },
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/06/28/4"
          },
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://github.com/python/cpython/issues/121227"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240726-0005/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CPython",
          "repo": "https://github.com/python/cpython",
          "vendor": "Python Software Foundation",
          "versions": [
            {
              "lessThan": "3.9.24",
              "status": "affected",
              "version": "0",
              "versionType": "python"
            },
            {
              "lessThan": "3.10.0b1",
              "status": "affected",
              "version": "3.10.0a1",
              "versionType": "python"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "CPython 3.9 and earlier doesn\u0027t disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see \u003cspan style=\"background-color: oklab(0.0852327 0.00000386313 0.00000170618 / 0.06);\"\u003eCVE\u003c/span\u003e\u003cspan style=\"background-color: oklab(0.0852327 0.00000386313 0.00000170618 / 0.06);\"\u003e-2024\u003c/span\u003e\u003cspan style=\"background-color: oklab(0.0852327 0.00000386313 0.00000170618 / 0.06);\"\u003e-5535\u003c/span\u003e for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured).\u003cbr\u003e"
            }
          ],
          "value": "CPython 3.9 and earlier doesn\u0027t disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured)."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-09T18:36:41.965Z",
        "orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
        "shortName": "PSF"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html"
        },
        {
          "tags": [
            "mitigation"
          ],
          "url": "https://github.com/python/cpython/pull/23014"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/06/28/4"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/python/cpython/issues/121227"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240726-0005/"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/python/cpython/commit/a2cdbb6e8188ba9ba8b356b28d91bff60e86fe31"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Buffer overread when using an empty list with SSLContext.set_npn_protocols()",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
    "assignerShortName": "PSF",
    "cveId": "CVE-2024-5642",
    "datePublished": "2024-06-27T21:05:31.281Z",
    "dateReserved": "2024-06-04T18:40:21.539Z",
    "dateUpdated": "2025-10-09T18:36:41.965Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}